TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

By rooter

Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.
The latest incident impacted GitHub Actions “aquasecurity/trivy-action” and “aquasecurity/setup-trivy,” which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Patch Now: Oracle’s Fusion Middleware Has Critical RCE Flaw

rooter
Cyber Security

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

rooter
Cyber Security

Cybet Review: A Fast-Growing Crypto Casino with Fast Withdrawals and No-KYC Gaming

rooter

Leave a Reply

You Missed

News

Navia data breach impacts nearly 2.7 Million people

News

A new Nintendo Switch 2 could be the poster child for replaceable batteries

News

Nevada Bans Kalshi for at Least the Next Two Weeks

News

Future Sony PlayStation games will use AI to imagine new frames