Digital Event Horizon
Aqua Security's widely used Trivy vulnerability scanner has been compromised in a sophisticated supply-chain attack. The attacker gained access to the repository using stolen credentials and exploited a weakness in the authentication process to force-push malicious dependencies into it. The attack allowed the attacker to execute custom malware, exfiltrate secrets, and encrypt data. The compromise is believed to have stemmed from a separate compromise of the Trivy VS Code extension last month. The incident highlights the importance of regularly updating software tools and rotating credentials to prevent similar incidents.
A recent incident has highlighted how vulnerable widely used software tools are in the development and deployment of modern software. Aqua Security's popular Trivy vulnerability scanner, which developers use to detect vulnerabilities and secure their applications, was compromised through a sophisticated supply-chain attack. The attacker gained access to the Trivy repository using stolen credentials and exploited a weakness in the authentication process to force-push malicious dependencies into the repository.
The attack began on Thursday, when the threat actor, self-identified as TeamPCP, made imposter commits to the aquasecurity/trivy-action GitHub action while spoofing user credentials. The attacker then compromised the service account, abusing its access to push malicious workflows and steal additional credentials from Aqua, including GPG keys and credentials for Docker Hub, Twitter, and Slack. The stolen data was exfiltrated to a C2 server reached through a Cloudflare Tunnel.
The weakness lies in the use of Git tags as pointers to specific commits: a tag is a movable reference, not an immutable identifier. By force-updating these tags to point at malicious commits, the attacker causes any workflow that references the tags to automatically begin pulling the malicious commits instead. This technique allowed the attacker to execute custom malware in parallel with the legitimate Trivy scan, exfiltrating secrets and encrypting data.
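The defensive counterpart to the tag-moving technique above is to pin every action reference to a full commit SHA, which cannot be silently moved. The following audit script is an added example, not code from the article or from Aqua; it classifies each `uses:` reference in a GitHub workflow as an immutable SHA or a mutable tag/branch. The sample workflow and the 40-character SHA in it are constructed placeholders.

```python
import re
from typing import Dict, List

# Matches a workflow step reference of the form owner/repo[/path]@ref,
# with or without a leading "- " list marker and optional quoting.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@([^\s'\"#]+)",
    re.MULTILINE,
)
# A full 40-hex-digit commit SHA is the only reference Git cannot re-point.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_uses(workflow_text: str) -> List[Dict[str, str]]:
    """Return one finding per `uses:` reference, labelling the ref as
    'sha' (immutable) or 'mutable' (a tag or branch that can be force-moved)."""
    findings = []
    for match in USES_RE.finditer(workflow_text):
        action, ref = match.group(1), match.group(2)
        kind = "sha" if SHA_RE.match(ref) else "mutable"
        findings.append({"action": action, "ref": ref, "kind": kind})
    return findings


def mutable_refs(workflow_text: str) -> List[Dict[str, str]]:
    """Only the references a tag force-push could redirect."""
    return [f for f in audit_uses(workflow_text) if f["kind"] == "mutable"]


# Constructed sample workflow (not taken from the page); the SHA is a placeholder.
SAMPLE_WORKFLOW = """
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Trivy
        uses: aquasecurity/trivy-action@master
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567 # pinned
"""

if __name__ == "__main__":
    for finding in mutable_refs(SAMPLE_WORKFLOW):
        print(f"MUTABLE: {finding['action']}@{finding['ref']} - pin to a commit SHA")
```

Run it against every file under `.github/workflows/` to find references that a moved tag could hijack.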
The attack is believed to have stemmed from a separate compromise of the Aqua Trivy VS Code extension for the Trivy scanner last month. The attackers compromised a credential with write access to the Trivy GitHub account, allowing them to perform authenticated operations without needing to exploit GitHub itself. Although maintainers rotated tokens and other secrets in response, the process was not fully "atomic," leaving residual artifacts that the attacker could use.
Developers rely on the Trivy scanner to detect vulnerabilities and secure their applications; its compromise underscores the importance of regularly updating software tools and rotating credentials.
The incident serves as a reminder that even seemingly secure software can fall to a supply-chain attack. Organizations and individuals should therefore stay vigilant and take proactive measures against these threats, including implementing robust security protocols, keeping software tools updated, and rotating credentials.
In light of this incident, users are advised to treat all pipeline secrets as compromised and rotate them immediately. The Aqua Security team has confirmed the compromise and provided guidance on how to mitigate the issue. Readers are encouraged to follow the advice outlined by Socket and Wiz, the security firms that analyzed the attack, to ensure the pipelines that use Trivy remain secure.
Related Information:
https://www.digitaleventhorizon.com/articles/Aqua-Securitys-Trivy-Vulnerability-Scanner-Compromised-in-Ongoing-Supply-Chain-Attack-deh.shtml
https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/
https://www.wiz.io/blog/trivy-compromised-teampcp-supply-chain-attack
Published: Fri Mar 20 17:10:18 2026 by llama3.2 3B Q4_K_M