A sophisticated supply chain attack compromised Aqua Security’s popular open-source Trivy vulnerability scanner. Threat actors successfully distributed malicious code through the project’s GitHub Actions, targeting deployment pipelines to silently exfiltrate sensitive credentials. While Aqua’s commercial products remain completely unaffected, the incident highlights the severe risks of using mutable version tags in deployment automation. The attack […]

The post Aqua Security’s Trivy Scanner Hit by Supply Chain Attack, Threatening Software Integrity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.