Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across ...

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...

Spread the loveThe cybersecurity landscape has been shaken by a significant supply chain attack involving the popular Trivy vulnerability scanner, a tool widely used in DevOps environments. Developed ...

Spread the loveThe Cybersecurity and Infrastructure Security Agency (CISA) has recently made headlines by adding two significant vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...

BOSTON and TEL AVIV, Israel, July 31, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native security and primary maintainer of Trivy, today announced that Root has joined the Trivy ...