## Aqua Security Trivy GitHub Action Compromised: Malicious Tags Force-Pushed in Supply Chain Attack
A supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. Using stolen credentials, the threat actors published a malicious Trivy v0.69.4 release and then force-pushed 76 of the 77 version tags in the `aquasecurity/trivy-action` repository so that they pointed at commits containing credential-stealing malware. At the same time, all 7 tags in the related `aquasecurity/setup-trivy` repository were replaced with malicious commits. Because these actions run inside the CI/CD pipelines of thousands of projects worldwide, the attack turned an automated security scan into a credential-harvesting step.

The attack unfolded in two distinct phases. On March 19, 2026, the attackers compromised the GitHub repositories and injected malware that steals credentials from the CI/CD pipeline running the action. Since the tags themselves were force-pushed, any workflow that referenced the action by tag, whether a floating tag tracking the newest release or a specific older version, pulled the malicious commit on its next run; only workflows pinned to a full commit SHA were unaffected by the tag rewrite. Three days later, on March 22, the threat actors used compromised credentials to publish malicious Trivy v0.69.5 and v0.69.6 container images to DockerHub, extending the infection vector beyond GitHub-hosted workflows.

The exposure window for the GitHub-based attack opened on March 19, 2026 at 18:22 UTC and lasted until the malicious tags were reverted. Any organization whose workflows ran the compromised `trivy-action` or `setup-trivy` actions during that window should assume that credentials available to those jobs were exposed. The incident shows a foundational security tool becoming the attack vector itself, and how a single credential compromise at a vendor cascades into every pipeline that trusts the vendor's mutable tags.

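
As an added example (not code from this page, from Aqua Security or from the Trivy project), the audit a practitioner would run after reading the above: scan workflow files for `uses:` references to the two affected actions and flag any that are pinned by tag or branch rather than by a full commit SHA, since only a SHA pin is unaffected when a tag is force-pushed. The sample workflow, its tag values and the 40-hex SHA in it are constructed placeholders; `pin_reference` rewrites a line into the SHA-pinned form but takes the SHA as input, because the commit to pin to must be verified out of band rather than looked up by the script.

```python
"""Audit GitHub Actions workflows for tag-pinned references to the affected
Trivy actions and show the SHA-pinned form that a tag force-push cannot move."""
import re
from dataclasses import dataclass

# Actions named in the incident. Any reference to them by tag (or branch) is
# mutable: a force-pushed tag silently changes what the workflow runs.
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}

# Matches a `uses:` line (optionally a list item, optionally quoted).
USES_RE = re.compile(r'^\s*(?:-\s*)?uses:\s*["\']?([^\s"\'#]+)')
FULL_SHA_RE = re.compile(r"^[0-9a-fA-F]{40}$")


@dataclass
class Finding:
    line: int         # 1-based line number in the workflow file
    action: str       # owner/repo of the action, lower-cased
    ref: str          # tag, branch or SHA after the '@' ('' if absent)
    pinned_by_sha: bool


def audit_workflow(text: str) -> list[Finding]:
    """Return every reference to an affected action, noting how it is pinned."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1)
        if target.startswith(("./", "docker://")):
            continue  # local or container actions are not GitHub tag refs
        name, _, ref = target.partition("@")
        repo = "/".join(name.split("/")[:2]).lower()
        if repo not in AFFECTED_ACTIONS:
            continue
        findings.append(Finding(lineno, repo, ref, bool(FULL_SHA_RE.match(ref))))
    return findings


def mutable_references(text: str) -> list[Finding]:
    """Only the references that a tag force-push could have redirected."""
    return [f for f in audit_workflow(text) if not f.pinned_by_sha]


def pin_reference(line: str, sha: str) -> str:
    """Rewrite one `uses:` line to a full-SHA pin, keeping the tag as a comment.
    `sha` must be a commit you verified out of band; nothing here looks it up."""
    if not FULL_SHA_RE.match(sha):
        raise ValueError("sha must be a full 40-hex commit id")
    m = USES_RE.match(line)
    if not m:
        return line
    name, _, ref = m.group(1).partition("@")
    if not ref:
        return line
    return line.replace(f"{name}@{ref}", f"{name}@{sha} # {ref}", 1)


# Constructed sample workflow (not from any real repository); the tag values and
# the 40-hex SHA on the last step are placeholders for illustration only.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install Trivy
        uses: aquasecurity/setup-trivy@v0.2.2
      - name: Run Trivy
        uses: 'aquasecurity/trivy-action@0.28.0'
        with:
          scan-type: fs
      - uses: aquasecurity/trivy-action@a1b2c3d4e5f60718293a4b5c6d7e8f9012345678 # placeholder SHA
"""

if __name__ == "__main__":
    for f in mutable_references(SAMPLE_WORKFLOW):
        print(f"line {f.line}: {f.action}@{f.ref or '<default branch>'} is tag-pinned (mutable)")
    print(pin_reference("        uses: aquasecurity/trivy-action@0.28.0", "0" * 40))
```

Pinning the action to a SHA only fixes which action code the workflow executes; the Trivy release artifacts and DockerHub images the page describes as separately compromised are distinct artifacts and need their own version and digest verification.
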
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: supply-chain-attack, github-actions, trivy, aqua-security, CVE-2026-33634
- **Credibility**: unverified
- **Published**: 2026-03-25 05:56:51
- **ID**: 32467
- **URL**: https://whisperx.ai/en/intel/32467