The Hacker News
@thehackernews
�� ALERT - Trivy, a popular open-source vulnerability scanner, was compromised after attackers hijacked 75 version tags in #GitHub Actions to deliver an infostealer.
It ran in CI pipelines, stealing creds and tokens, then exfiltrating data or staging it via stolen GitHub PATs.
�� Attack flow, impacted versions, fixes → https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html
It ran in CI pipelines, stealing creds and tokens, then exfiltrating data or staging it via stolen GitHub PATs.
�� Attack flow, impacted versions, fixes → https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html
🤯 22
😁 8
🔥 4
🤔 3
⚡ 2
👍 1
83 12.3K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram