Trivy Compromised - Supply Chain Attack Explained
Basically, hackers used a popular tool to steal sensitive information from developers.
TeamPCP compromised Aqua Security's Trivy scanner and injected malware into official releases. Organizations using Trivy must audit their environments immediately to prevent data theft.
What Happened
On March 19, 2026, a significant supply chain attack targeted Aqua Security's Trivy vulnerability scanner. The attackers, identifying themselves as TeamPCP, injected credential-stealing malware into official releases and GitHub Actions. The breach was possible because the attackers had retained access after an earlier incident involving hackbot-claw. They pushed imposter commits to the Trivy repository, which led to the release of a malicious version tagged as v0.69.4.
The malicious version of Trivy fetched credential-stealer code from a typosquatted domain, resulting in backdoored binaries being published across various platforms, including GitHub Releases and Docker Hub. Aqua Security has since removed these harmful artifacts, but the incident underscores the importance of vigilance in software supply chains.
Who's Being Targeted
Organizations using the Trivy scanner and its associated GitHub Actions are at risk. With the malware's ability to exfiltrate sensitive data, including GPG keys and credentials for Docker Hub, Twitter, and Slack, the attack could have far-reaching consequences. The compromised components included the core scanner and two GitHub Actions: trivy-action and setup-trivy.
The malware operates by injecting a three-stage payload into these actions. Once executed, it runs on the victim's GitHub Actions runner, making it particularly dangerous for developers who rely on these tools for continuous integration and deployment.
Tactics & Techniques
The malware employed by TeamPCP follows a systematic approach:
- Collection: It scrapes memory from the GitHub Actions runner to gather secrets such as SSH keys and cloud credentials.
- Encryption: The collected data is encrypted using AES-256-CBC with RSA-4096 hybrid encryption.
- Exfiltration: The encrypted data bundle is sent to a remote server, or, if that fails, it creates a repository in the victim's GitHub account to upload the stolen credentials.
This multi-faceted approach not only maximizes the chances of successful data theft but also ensures that the attackers can maintain access even if their initial methods are blocked.
Defensive Measures
Organizations must take immediate action to mitigate the risks associated with this breach. Here are some critical steps:
- Audit Trivy Versions: Check if your organization has pulled or executed Trivy v0.69.4 from any source. Remove any affected artifacts immediately.
- Review GitHub Actions: Examine workflows using aquasecurity/trivy-action or aquasecurity/setup-trivy. If you referenced a version tag rather than a SHA, check for signs of compromise in your workflow run logs from March 19-20.
- Search for Exfiltration Artifacts: Look for any repositories named tpcp-docs in your GitHub organization, which may indicate successful data exfiltration.
Long-term, organizations should pin GitHub Actions to full SHA hashes instead of version tags to prevent similar attacks in the future. Vigilance and proactive measures are essential in safeguarding against supply chain vulnerabilities.
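The workflow review and the SHA-pinning advice above can be checked mechanically. The following is an added example, not code from Aqua Security or the original article: it lists every `uses:` reference that is not pinned to a full 40-character commit SHA and marks the two affected actions for a run-log review. The severity labels, the sample workflow and the placeholder SHA are constructed for illustration.

```python
import re
from pathlib import Path

# Actions the article names as compromised.
AFFECTED = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^'\"\s#]+)")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")

def audit_workflow(text, name="<inline>"):
    """Return (file, line, action, ref, severity) for every mutable action ref."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = USES_RE.match(line)
        if not match:
            continue
        target = match.group(1)
        if target.startswith(("./", "docker://")):
            continue  # local actions and container images carry no git ref
        action, _, ref = target.partition("@")
        if FULL_SHA_RE.fullmatch(ref.lower()):
            continue  # pinned to a full commit SHA
        repo = "/".join(action.split("/")[:2]).lower()  # drop any sub-path
        severity = "REVIEW-RUN-LOGS" if repo in AFFECTED else "PIN-TO-SHA"
        findings.append((name, lineno, action, ref, severity))
    return findings

def audit_repo(root="."):
    """Audit every workflow file under <root>/.github/workflows."""
    findings = []
    for path in sorted(Path(root, ".github", "workflows").glob("*.y*ml")):
        findings += audit_workflow(path.read_text(encoding="utf-8"), str(path))
    return findings

# Constructed sample workflow (not from the article); the SHA is a placeholder.
SAMPLE = """\
jobs:
  scan:
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v1
      - name: Scan
        uses: aquasecurity/trivy-action@master
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./local-action
"""

if __name__ == "__main__":
    for finding in audit_repo(".") or audit_workflow(SAMPLE, "SAMPLE"):
        print(*finding, sep="\t")
```

Run it from the root of a repository checkout; with no workflow directory present it falls back to the constructed sample. A REVIEW-RUN-LOGS finding means the workflow referenced an affected action by tag or branch, so its runs from March 19-20 need inspection.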
Wiz Blog