## Aqua Security Trivy GitHub Action Compromised: Malicious Tags Force-Pushed in Supply Chain Attack
A critical supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. A threat actor, using stolen credentials, force-pushed malicious code to 76 out of 77 version tags in the `aquasecurity/trivy-action` repository, replacing legitimate releases with credential-stealing malware. The attacker simultaneously replaced all 7 tags in the related `aquasecurity/setup-trivy` repository with malicious commits, creating a widespread infection vector for any CI/CD pipeline using these automated security tools.

The attack unfolded in two phases. On March 19, 2026, the actor published a malicious Trivy v0.69.4 release on GitHub. Three days later, on March 22, the same compromised credentials were used to publish malicious Trivy v0.69.5 and v0.69.6 container images to DockerHub. This multi-platform approach significantly expanded the attack surface, targeting both GitHub Actions workflows and containerized deployments that pull images directly from DockerHub.

The exposure window for the initial GitHub-based compromise lasted approximately 2 days and 16 hours, from March 19, 18:22 UTC until mitigation. Any organization that ran workflows or built containers using the affected tags during this period is at direct risk. The incident underscores the severe consequences of credential compromise in open-source infrastructure and highlights how automated security tools, designed to protect the software supply chain, can themselves become potent attack vectors when compromised.
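
A defensive check for the exposure described above, as an added example that is not from the original report or from Aqua Security: it flags workflow steps that reference the two affected actions by a movable tag or branch rather than a full commit SHA, and tests whether a run timestamp falls inside the stated window. The sample workflow, its tag names and its SHA are constructed placeholders, and the window end is derived from the article's approximate duration.

```python
import re
from datetime import datetime, timedelta, timezone

# Repositories the article names as having force-pushed tags.
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}
# Window per the article: starts 2026-03-19 18:22 UTC, lasts approximately
# 2 days 16 hours, so WINDOW_END is an approximation (assumption).
WINDOW_START = datetime(2026, 3, 19, 18, 22, tzinfo=timezone.utc)
WINDOW_END = WINDOW_START + timedelta(days=2, hours=16)

USES_RE = re.compile(
    r"^\s*(?:-\s*)?uses:\s*['\"]?([\w.-]+/[\w.-]+)(?:/[^@\s'\"]*)?@([^\s'\"#]+)"
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample workflow; the tag names and the SHA are placeholders.
SAMPLE_WORKFLOW = """\
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.0.0-example
      - name: Scan image
        uses: aquasecurity/trivy-action@v0.0.0-example
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567
"""


def find_mutable_refs(workflow_text):
    """Return (line_no, action, ref) for affected actions referenced by a tag
    or branch; a full 40-hex SHA does not move when a tag is force-pushed."""
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        action, ref = m.group(1).lower(), m.group(2)
        if action in AFFECTED_ACTIONS and not FULL_SHA_RE.match(ref.lower()):
            findings.append((line_no, action, ref))
    return findings


def ran_in_window(run_started_at):
    """True if an ISO 8601 UTC run timestamp falls inside the stated window."""
    ts = datetime.fromisoformat(run_started_at.replace("Z", "+00:00"))
    return WINDOW_START <= ts <= WINDOW_END

if __name__ == "__main__":
    print(find_mutable_refs(SAMPLE_WORKFLOW))
```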

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: supply-chain-attack, github-actions, container-security, credential-compromise, CVE-2026-33634
- **Credibility**: unverified
- **Published**: 2026-03-25 05:56:49
- **ID**: 32465
- **URL**: https://whisperx.ai/en/intel/32465