{"id":225995,"date":"2026-03-21T01:37:00","date_gmt":"2026-03-21T05:37:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/21\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack\/"},"modified":"2026-03-21T08:20:22","modified_gmt":"2026-03-21T12:20:22","slug":"trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/21\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack\/","title":{"rendered":"Trivy vulnerability scanner backdoored with credential stealer in supply chain attack"},"content":{"rendered":"<p><a href=\"https:\/\/www.csoonline.com\/article\/4148317\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack.html\">Trivy vulnerability scanner backdoored with credential stealer in supply chain attack<\/a><\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4148317\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack.html\">https:\/\/www.csoonline.com\/article\/4148317\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack.html<\/a><\/p>\n<p>Publish Date: 2026-03-21 01:37:00<\/p>\n<p>Source Domain: <a href=\"www.csoonline.com\">www.csoonline.com<\/a><\/p>\n<h2 class=\"wp-block-heading\" id=\"multiple-components-backdoored\">Multiple components backdoored<\/h2>\n<p>Trivy, developed by Aqua Security, is one of the most widely used open-source vulnerability scanners, with over 32,000 GitHub stars and more than 100 million Docker Hub downloads. 
Developers use it to detect vulnerabilities and exposed secrets in their CI\/CD pipelines and container images.<\/p>\n<p>The attackers compromised three components of the Trivy project: trivy-action, the official GitHub Action for running Trivy scans in CI\/CD workflows; setup-trivy, a helper action for installing the scanner; and the Trivy binary itself. Backdoored artifacts were published to GitHub releases, Docker Hub, the GitHub Container Registry, and the Amazon Elastic Container Registry.<\/p>\n<p>According to Socket, 75 of 76 version tags in trivy-action were overwritten with malicious code, along with seven tags in setup-trivy. The only unaffected trivy-action tag was version 0.35.0. The compromised tags include widely used versions such as 0.34.2, 0.33.0, and 0.18.0.<\/p>\n<p><a href=\"https:\/\/www.csoonline.com\/article\/4148317\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trivy vulnerability scanner backdoored with credential stealer in supply chain attack https:\/\/www.csoonline.com\/article\/4148317\/trivy-vulnerability-scanner-backdoored-with-credential-stealer-in-supply-chain-attack.html Publish Date: 
2026-03-21&#8230;<\/p>\n","protected":false},"author":1,"featured_media":225996,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.csoonline.com\/wp-content\/uploads\/2026\/03\/4148317-0-28619700-1774071367-shutterstock_2416896949.jpg?quality=50&strip=all&w=1024","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[27],"class_list":["post-225995","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225995"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=225995"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225995\/revisions"}],"predecessor-version":[{"id":225997,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225995\/revisions\/225997"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/225996"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=225995"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=225995"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=225995"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}