Security researchers are warning about a supply-chain compromise impacting **Trivy**, a widely-used vulnerability scanner for containers, Kubernetes, code repositories, and cloud infrastructure. In the reported incident, attackers used compromised access to push **trojanized components** via both a Trivy release and associated **GitHub Actions** (including trivy-action and setup-trivy).

## What happened

BleepingComputer reports that Trivy version **0.69.4** was backdoored, and that attackers also force-pushed many GitHub Actions tags in the **aquasecurity/trivy-action** repository to point to malicious commits. This is particularly dangerous because CI/CD workflows often pin actions by tag, which can silently change what code runs in your pipeline.

## What the malware did

According to analysis cited by BleepingComputer (including Socket and Wiz findings), the infostealer focused on harvesting sensitive material such as:

- Cloud credentials (AWS/GCP/Azure), Kubernetes and Docker configs

- SSH keys

- .env files and other configuration files

- CI/CD secrets, tokens, and shell histories

- TLS private keys and VPN configurations

Collected data was reportedly archived and exfiltrated to a typosquatted domain. In some cases, if exfiltration failed, the malware attempted to upload stolen data into a public GitHub repository created under the victim’s account.

## Why it matters

Trivy is commonly run inside build pipelines with privileged access to registries, cloud accounts, and deployment systems. A compromised scanner or action can become a **high-impact secrets theft** vector, leading to downstream incidents (account takeover, cloud resource abuse, further supply-chain tampering).

## What to do now (defensive checklist)

- Identify whether your org used affected Trivy versions/actions during the reported window.

- **Rotate secrets**: assume compromise if affected tags/releases were used.

- Review GitHub Actions usage and pin actions to immutable **commit SHAs** where feasible.

- Audit runners/dev machines for unexpected persistence (e.g., user systemd services).

- Add detection for typosquatted domains and unusual outbound traffic from CI runners.