A supply chain attack on Trivy, the popular open source vulnerability scanner maintained by Aqua Security, has infected over 1,000 cloud environments with secret-stealing malware. Attackers from the group TeamPCP exploited a GitHub Actions misconfiguration to steal a privileged access token in February, then used it in March to push malicious container images and force-push 75 of 76 trivy-action tags so that they pointed at compromised versions. Any CI/CD pipeline that pulled one of those tags in that window executed infostealer malware. The attack has since expanded to trojanize liteLLM (present in 36% of cloud environments), spread via a novel npm worm called CanisterWorm, publish malicious Docker Hub images, and deface Aqua Security's internal GitHub. The criminals are now collaborating with extortion groups including Lapsus$, and Mandiant's CTO has warned the victim count could grow to 10,000+.
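The mechanism that made the trivy-action compromise reach so many pipelines is the mutable tag: a force-pushed tag silently moves every workflow that references it onto the attacker's commit, while a full 40-hex commit SHA cannot be repointed. The script below is an added example, not code from Trivy, trivy-action or Aqua Security; it scans a GitHub Actions workflow for `uses:` references that are not pinned to a commit SHA (or, for `docker://` steps, to an image digest). The sample workflow, the version tag `0.28.0` and the SHA `0123456789abcdef0123456789abcdef01234567` in it are constructed placeholders, not real releases or commits.

```python
"""Flag GitHub Actions `uses:` references that a tag force-push could redirect.

Added example, not trivy-action's or Aqua Security's code. A tag such as
`owner/repo@0.28.0` can be moved to any commit by anyone holding push rights;
a full commit SHA cannot, so a pipeline pinned to a SHA either runs the code
it was reviewed with or fails to resolve the ref.
"""
import re
from typing import List, Optional, Tuple

# `uses:` value up to the first whitespace or `#`; a trailing `# v1.2.3`
# comment (the usual way to document what a SHA pin corresponds to) is allowed.
_USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)\s*(?:#.*)?$")
# Full-length git object name; abbreviated SHAs are rejected on purpose.
_SHA_RE = re.compile(r"^[0-9a-fA-F]{40}$")

# Constructed sample workflow (hypothetical; not from any real repository).
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ./.github/actions/local-setup
      - name: Trivy (mutable tag, redirected by a tag force-push)
        uses: aquasecurity/trivy-action@0.28.0
      - name: Trivy (pinned to an immutable commit; placeholder SHA)
        uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567 # 0.28.0
      - uses: docker://alpine:3.19
"""


def classify(ref_spec: str) -> Optional[str]:
    """Return None when the reference is immutable, else a reason it is not."""
    if ref_spec.startswith("./"):
        return None  # local action: ships with the calling repository
    if ref_spec.startswith("docker://"):
        # Image tags are as mutable as git tags; only a digest is immutable.
        return None if "@sha256:" in ref_spec else "docker image not pinned by digest"
    if "@" not in ref_spec:
        return "no ref given; resolves to the repository's default branch"
    _, ref = ref_spec.rsplit("@", 1)
    if _SHA_RE.match(ref):
        return None
    return f"mutable ref {ref!r}; pin to a full commit SHA"


def find_unpinned(workflow_text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, uses value, reason) for every mutable reference."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = _USES_RE.match(line)
        if not m:
            continue
        reason = classify(m.group(1))
        if reason is not None:
            findings.append((lineno, m.group(1), reason))
    return findings


if __name__ == "__main__":
    for lineno, spec, reason in find_unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {spec}: {reason}")
```

A SHA pin only defends against the tag rewrite step of this attack: the commit behind the pin still has to be the one that was reviewed, the pinned action can itself pull mutable dependencies or container images, and an attacker holding a write token can still publish new commits. Treat the scan as one control alongside image digests and token scoping, not as a complete fix.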