## Aqua Security Trivy Action Compromised: Malicious Tags Force-Pushed in Major Supply Chain Attack
A sophisticated supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy, a critical open-source security scanner used by millions of projects. Threat actors used stolen credentials to publish a malicious Trivy v0.69.4 release and then force-pushed 76 out of 77 version tags in the `aquasecurity/trivy-action` repository to point to credential-stealing malware. Simultaneously, all 7 tags in the related `aquasecurity/setup-trivy` repository were replaced with malicious commits. This represents a direct hijacking of a core security tool's distribution channels.

The attack unfolded in two distinct phases. The initial compromise began on March 19, 2026, with the publication of the malicious v0.69.4 release and the mass tag manipulation. The threat actors escalated the attack on March 22, 2026, by using the same compromised credentials to publish malicious Trivy v0.69.5 and v0.69.6 images to DockerHub. This multi-vector approach—targeting both the GitHub Action ecosystem and container registries—significantly widened the potential exposure for any development pipeline that automatically pulls the latest or common versions of these tools.

The incident, tracked as CVE-2026-33634, exposes a critical weakness in the maintenance of automated security tooling. Version tags are mutable references, so the force-pushed tags mean any workflow configured to use a standard tag (like `v0` or `v0.35`) could have silently pulled and executed malware instead of the legitimate scanner. This breach places immense pressure on organizations to audit their CI/CD pipelines immediately, scrutinize all recent Trivy scans, and rotate any credentials that may have been exposed. The integrity of a tool designed to find vulnerabilities has itself become the vulnerability, creating a cascading trust crisis in automated security enforcement.
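
One way to run the pipeline audit described above, as an added example that is not part of the original report or of Aqua Security's code: it flags workflow references to the two affected repositories that use a tag or branch instead of a full 40-character commit SHA. The function names, the `pinned-sha`/`mutable-ref` labels and the exit-code convention are assumptions of this example.

```python
import re
import sys
from pathlib import Path

# Repositories named in the report above.
WATCHED = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}

# Matches "uses: owner/repo[/path]@ref", optionally quoted; commented-out lines do not match.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*["']?([^\s@"'#]+)@([^\s"'#]+)""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (line_no, repo, ref, verdict) for each reference to a watched action."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        target, ref = match.groups()
        # "owner/repo/subdir" still resolves inside owner/repo.
        repo = "/".join(target.lower().split("/")[:2])
        if repo not in WATCHED:
            continue
        # Tags and branches can be moved by a force-push; a full commit SHA cannot.
        verdict = "pinned-sha" if FULL_SHA_RE.match(ref.lower()) else "mutable-ref"
        findings.append((line_no, repo, ref, verdict))
    return findings


def audit_repo(root):
    """Scan every workflow file under <root>/.github/workflows."""
    results = {}
    workflows = Path(root) / ".github" / "workflows"
    for path in sorted(workflows.glob("*.y*ml")):
        found = audit_workflow(path.read_text(encoding="utf-8", errors="replace"))
        if found:
            results[str(path)] = found
    return results


if __name__ == "__main__":
    report = audit_repo(sys.argv[1] if len(sys.argv) > 1 else ".")
    for path, found in report.items():
        for line_no, repo, ref, verdict in found:
            print(f"{path}:{line_no}: {repo}@{ref} [{verdict}]")
    # Non-zero exit when any reference can be silently re-pointed.
    sys.exit(1 if any(f[3] == "mutable-ref" for v in report.values() for f in v) else 0)
```

A reference already pinned to a SHA still needs that commit checked against a known-good release; the report lists no such commits.
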

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: supply-chain-attack, github-actions, trivy, malware, CVE-2026-33634
- **Credibility**: unverified
- **Published**: 2026-03-28 05:27:05
- **ID**: 38778
- **URL**: https://whisperx.ai/en/intel/38778