Trivy supply-chain attack spreads to Docker, GitHub repos

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images ...
SecurityWeek

Aqua’s Trivy Vulnerability Scanner Hit by Supply Chain Attack

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing ...
The Hacker News

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting ...
Infosecurity Magazine

Trivy Supply Chain Attack Expands With New Compromised Docker Images

A new set of compromised Docker images linked to the Trivy supply chain attack has been identified, expanding the impact of ...
CSO Online

Trivy vulnerability scanner backdoored with credential stealer in supply chain attack

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ ...
Security Boulevard

Latest OpenClaw Security Risk: Fake GitHub Repositories Used to Deploy Infostealers

More OpenClaw security woes. Huntress researchers say bad actors convinced users to download a bogus installer for the AI personal assistant that deployed infostealers by hosting it in a malicious ...