Aqua Security Trivy Scanner Supply Chain Attack Compromises Users

Marcus Rodriguez
March 25, 2026

Key Takeaways

  • Aqua Security’s open-source vulnerability scanner, Trivy, was compromised in a sophisticated supply chain attack.
  • Attackers used stolen credentials to inject malicious code into Trivy releases, turning the tool into a mechanism for widespread credential theft from CI/CD pipelines.
  • The attack targeted users relying on mutable version tags for aquasecurity/trivy-action and aquasecurity/setup-trivy, specifically affecting Trivy binary version 0.69.4.
  • A fix is available; users must update to safe versions and immediately rotate all secrets exposed to affected CI/CD environments.

Aqua Security’s widely adopted open-source vulnerability scanner, Trivy, has fallen victim to a sophisticated supply chain attack, as confirmed by the vendor. Threat actors exploited compromised credentials to distribute malicious versions of the tool, effectively transforming Trivy into a conduit for large-scale credential theft across continuous integration/continuous delivery (CI/CD) pipelines.

The incident remains under active investigation, with evidence suggesting attackers are continuing to leverage stolen credentials across the broader ecosystem.

Attack Unfolds: From Initial Breach to Malicious Releases

The breach originated in late February 2026 when attackers exploited a misconfiguration within Trivy’s GitHub Actions environment. This allowed them to extract a privileged access token, providing an initial foothold.

Although the Trivy team disclosed the incident and performed a credential rotation on March 1, the remediation was incomplete. This oversight enabled the adversary to maintain persistent access through still-valid credentials.

The attack escalated significantly on March 19. The threat actor force-pushed malicious commits to 76 out of 77 version tags in the aquasecurity/trivy-action repository and all seven tags in aquasecurity/setup-trivy. Concurrently, a compromised service account initiated automated release pipelines, publishing a backdoored Trivy binary identified as version 0.69.4.

Crucially, the attackers did not introduce a new, obviously malicious version. Instead, they modified existing version tags, silently injecting their code into workflows that organizations were already executing, making detection challenging.

Malicious Payload and Impact

The injected malicious payload was designed to execute before the legitimate Trivy scanning logic. This deceptive approach ensured that compromised workflows appeared to complete without incident, masking the malicious activity.

During its silent operation, the malware actively harvested sensitive information from CI/CD environments. This included API tokens, cloud provider credentials for AWS, GCP, and Azure, SSH keys, Kubernetes tokens, and Docker configuration files. This stolen data was then exfiltrated to infrastructure controlled by the attackers.

Aqua Security confirmed that only open-source users relying on mutable version tags, rather than pinned commit hashes, were affected. The company’s commercial products remained unaffected, which it attributed to their architectural isolation, dedicated pipelines, stringent access controls, and a controlled integration process that lags open-source releases.

Response and Ongoing Remediation

Aqua Security, in collaboration with global incident response firm Sygnia, initiated rapid containment and remediation efforts. Over the weekend of March 21-22, investigators uncovered further suspicious activity, indicating the threat actor’s attempts to reestablish access and suggesting an ongoing campaign.

Remediation steps included the removal of all malicious releases from distribution channels such as GitHub Releases, Docker Hub, and Amazon ECR. Comprehensive credential revocations were performed across all environments, long-lived tokens were eliminated, and immutable release verification mechanisms are being implemented to prevent future tampering. All compromised version tags have either been deleted or repointed to known-safe, verified commits.

Aqua Security acknowledged the vital role of the broader security community in mitigating the incident’s fallout, specifically thanking research teams at Aikido Security and CrowdStrike for their swift technical publications, which significantly accelerated community awareness and response efforts. Given Trivy’s open-source nature and lack of a centralized user registry, this collaborative ecosystem response was crucial for notifying downstream users of the active threat.

Vulnerability Details and Compromised Components

Security teams are strongly advised to immediately audit their environments for any use of the compromised versions and update to known-safe releases. All secrets accessible to affected runner environments must be treated as compromised and rotated without delay.

| Component                 | Compromised Version | Safe Version    | Impact Details                                          |
|---------------------------|---------------------|-----------------|---------------------------------------------------------|
| Trivy binary              | v0.69.4             | v0.69.2-v0.69.3 | Malicious binary published via automated release        |
| aquasecurity/trivy-action | Multiple tags       | v0.35.0         | 76 of 77 version tags force-pushed to malicious commits |
| aquasecurity/setup-trivy  | Multiple tags       | v0.2.6          | All 7 version tags compromised and redirected           |

What You Should Do

  • Audit and Update: Immediately scan your CI/CD environments for the presence of Trivy binary v0.69.4, aquasecurity/trivy-action (any tag other than v0.35.0), and aquasecurity/setup-trivy (any tag other than v0.2.6). Update to the specified safe versions or later trusted releases.
  • Rotate Credentials: Assume all secrets (API tokens, cloud credentials, SSH keys, Kubernetes tokens, Docker configs) accessible by any potentially affected CI/CD runner environment are compromised. Initiate an immediate and comprehensive rotation of these credentials.
  • Monitor and Block IOCs: Implement proactive hunting for the following Indicators of Compromise (IOCs) within your network firewalls, SIEMs, and GitHub audit logs to detect potential exfiltration or lateral movement:
    • Network C2 Domain: scan.aquasecurtiy[.]org (Block at network perimeter; hunt DNS query logs)
    • Network IP Address: 45.148.10[.]212 (Block at firewall; hunt outbound connections)
    • Secondary C2 Tunnel: plug-tab-protective-relay.trycloudflare.com (Search DNS logs for potential lateral movement)
    • GitHub Exfiltration Repo: tpcp-docs (Search GitHub organizations for unauthorized repository creation)
    • ICP Blockchain C2: tdtqy-oyaaa-aaaae-af2dq-cai.raw.icp0.io (Block egress to icp0.io at network perimeter)
    • Compromised Binary: trivy v0.69.4 (Search container registries and CI caches)
  • Pin Dependencies: Adopt the practice of pinning CI/CD pipeline dependencies to immutable commit hashes rather than mutable version tags to prevent similar supply chain attacks.
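As an added defender-side example (not code from the article, Aqua Security, or the Trivy project), the script below audits a GitHub Actions workflow for the two failure modes this incident turned on: the affected actions referenced by a mutable tag or branch instead of a full commit SHA, and a `version:` input requesting the compromised v0.69.4 binary. The sample workflow text, the 40-hex placeholder SHA, and the assumption that the Trivy version is supplied through a `version:` key are constructed for this example.

```python
import re

# Constructed sample workflow (not taken from the article or from Aqua Security).
# Steps 2 and 3 reference the affected actions by mutable tag/branch; step 4 is
# pinned to a full commit SHA (placeholder value) but requests the compromised
# binary through a `version:` input (assumed input name for this example).
SAMPLE_WORKFLOW = """\
jobs:
  scan:
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.3
      - uses: aquasecurity/trivy-action@master
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567  # v0.35.0
        with:
          version: v0.69.4
"""

# Components named in the advisory table; any mutable ref to them is suspect.
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}
COMPROMISED_BINARY = "0.69.4"

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+)@(\S+)")
VERSION_RE = re.compile(r"^\s*version:\s*['\"]?(v?\d+\.\d+\.\d+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (line_no, finding) tuples for one workflow file's contents."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if m:
            action, ref = m.groups()
            # A tag or branch can be force-pushed; only a full 40-hex SHA is immutable.
            if action in AFFECTED_ACTIONS and not FULL_SHA_RE.match(ref):
                findings.append((line_no, f"{action} uses mutable ref '{ref}'; pin to a verified commit SHA"))
            continue
        m = VERSION_RE.match(line)
        # Coarse check: any version key requesting the compromised binary is flagged.
        if m and m.group(1).lstrip("v") == COMPROMISED_BINARY:
            findings.append((line_no, f"requests compromised Trivy binary {m.group(1)}"))
    return findings


if __name__ == "__main__":
    for line_no, finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {finding}")
```

Run it over each file under `.github/workflows/` to get a per-line list of references that need repinning or removal; a pinned SHA passes only if you have verified it against a known-safe commit.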
