The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions.
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...
Open source Trivy plugs into the software build process and scans container images and infrastructure-as-code files for vulnerabilities and misconfigurations. Attacks on cloud-native infrastructures ...
‘If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says. Attackers have compromised the widely used open-source ...
Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...
CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of ...
BOSTON — Nov. 6, 2023 — Aqua Security, the pioneer in cloud native security, today announced its open source solution Trivy now supports vulnerability scanning for Kubernetes components in addition to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results