stepsecurity.io

Trivy Compromised a Second Time - Malicious v0.69.4 Release, aquasecurity/setup-trivy, aquasecurity/trivy-action GitHub Actions Compromised (opens in new tab)

Covered by 3 sources See all sources covering this story including Andrew Nesbitt, golem.deDiscussed on Hacker News, Hacker News, Lobsters, and r/devops

On March 19, 2026, trivy — a widely used open source vulnerability scanner maintained by Aqua Security — experienced a second security incident. Three weeks after the hackerbot-claw incident on February 28 that resulted in a repository takeover, a new compromised release (v0.69.4) was published to the trivy repository. The original incident disclosure discussion (#10265) was also deleted during this period, and version tags on the aquasecurity/setup-trivy GitHub Action were removed. Trivy mai...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 3 articles

Andrew Nesbitt·

GitHub Actions security in Python packages

Feeds
pavel.gr·

Finding Unpinned and Unpinnable GitHub Actions Across Your Org

Discussed on Hacker News
Feeds

In other languages

golem.de
·

(g+) Trivy Supply-Chain-Angriff: Wenn der Security-Scanner selbst zum Angriff wird

Feeds

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help