The incident did not affect Aqua’s commercial products, but it demonstrates how attackers can weaponize trusted development workflows to steal sensitive data silently.
The threat actors did not distribute a separate malicious binary. Instead, they leveraged stolen GitHub credentials to manipulate existing repositories, specifically aquasecurity/trivy-action and setup-trivy.
By force-pushing malicious commits to existing version tags, they ensured that automated pipelines unknowingly pulled compromised code.
This technique proved highly effective because many organizations rely on version tags (such as v0.x) rather than immutable commit hashes in their CI/CD workflows.
As a result, pipelines automatically downloaded the altered code without triggering suspicion.
The injected payload executed before Trivy’s legitimate scanning process began. This allowed workflows to complete successfully, masking the attack while enabling silent data exfiltration.
The malware specifically targeted high-value secrets, including:
Because CI/CD pipelines often have broad access to infrastructure, this level of access could enable lateral movement, privilege escalation, and full environment compromise.
Initial compromise occurred in late February 2026. Aqua identified that incomplete credential rotation on March 1 allowed attackers to retain access.
Additional suspicious activity on March 22 suggests attempts to reestablish persistence, indicating a multi-stage operation.
Aqua has since revoked all compromised credentials, removed malicious artifacts, and transitioned away from long-lived tokens.
The company also engaged incident response firm Sygnia to support forensic investigation and containment.
Aqua confirmed that its commercial platform was not affected due to strict architectural separation. Unlike the open-source pipeline, the commercial build system:
This separation prevented the malicious code from reaching enterprise customers.
Organizations using Trivy in automated workflows should act immediately:
Security teams should assume credential exposure if affected versions were used.
Defenders should monitor and block the following indicators:
These indicators suggest active data exfiltration or attacker persistence.
This incident highlights a critical weakness in software supply chains: reliance on mutable version tags. Attackers exploited this trust model without introducing new files or obvious indicators.
A simple defensive improvement, pinning dependencies to immutable commit SHA hashes, could have prevented the attack entirely.
For example, referencing a specific commit hash rather than a tag means that even if the tag is moved to point at altered code, the pipeline still fetches the original, unmodified commit.
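As an added example (not code from the article, Aqua or the Trivy project), the following script audits a GitHub Actions workflow file for `uses:` references that resolve through a mutable tag or branch instead of a full commit SHA. The workflow text and the 40-hex SHA in it are constructed placeholders.

```python
import re

# A `uses:` step line: "- uses: owner/repo@ref" (quotes optional, trailing comment ignored).
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^@"\'\s]+)@([^"\'\s#]+)', re.MULTILINE)
# A full 40-character hex commit SHA is the only immutable reference form.
SHA_RE = re.compile(r'^[0-9a-f]{40}$')
TAG_RE = re.compile(r'^v?\d+(\.\d+)*$')  # e.g. v4, v0.28, 0.28.0

# Constructed sample workflow: two mutable refs and one SHA-pinned step (placeholder SHA).
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install Trivy
        uses: aquasecurity/setup-trivy@main
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567 # v0.x placeholder
        with:
          scan-type: fs
"""


def classify_ref(ref):
    """Classify a ref as 'sha' (immutable), 'tag' (movable by force-push) or 'branch'."""
    if SHA_RE.match(ref):
        return "sha"
    if TAG_RE.match(ref):
        return "tag"
    return "branch"


def find_unpinned_uses(workflow_text):
    """Return (line, action, ref, kind) for every step not pinned to a commit SHA."""
    findings = []
    for m in USES_RE.finditer(workflow_text):
        action, ref = m.group(1), m.group(2)
        if action.startswith("./") or action.startswith("docker://"):
            continue  # local and container actions are not resolved via GitHub tags
        kind = classify_ref(ref)
        if kind != "sha":
            line = workflow_text.count("\n", 0, m.start()) + 1
            findings.append((line, action, ref, kind))
    return findings


if __name__ == "__main__":
    for line, action, ref, kind in find_unpinned_uses(SAMPLE_WORKFLOW):
        print(f"line {line}: {action}@{ref} is pinned to a mutable {kind}; pin to a commit SHA")
```

Run it over each file under `.github/workflows/`; any reported line is a step that would have pulled the altered code if its tag were force-pushed.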
As CI/CD pipelines increasingly become high-value targets, organizations must treat them as sensitive infrastructure, applying strict access control, monitoring, and dependency integrity validation.
The post Aqua Security’s Trivy Scanner Hit by Supply Chain Attack appeared first on Cyber Security News.