## GitHub Action Compromised: Malicious Trivy Releases and Tags Force-Pushed by Threat Actor
A critical supply chain attack has compromised the official GitHub Actions for Trivy, a widely used open-source security scanner. On March 19, 2026, a threat actor used stolen credentials to publish a malicious Trivy v0.69.4 release and then force-pushed 76 out of 77 version tags in the `aquasecurity/trivy-action` repository to point to credential-stealing malware. Simultaneously, all 7 tags in the related `aquasecurity/setup-trivy` repository were replaced with malicious commits. This attack directly targeted the core release infrastructure of a key security tool, turning its own update mechanism into a vector for compromise.

The attack extended beyond GitHub to DockerHub. Three days later, on March 22, the same or a related actor used compromised credentials again to publish malicious Trivy v0.69.5 and v0.69.6 images on the public container registry. This multi-platform, multi-stage operation indicates a sophisticated effort to maximize infection rates, exploiting the trust placed in automated security updates and containerized workflows. Because the dates of both publication events are known, the exposure window for these components is well defined, giving organizations a clear timeframe within which to audit their CI/CD pipelines for potential compromise.

The implications are severe for any development team that automatically pulls the latest Trivy action or Docker image. This incident is a stark example of a software supply chain attack where the security scanner itself becomes the threat. It raises immediate risks for data exfiltration and further lateral movement within victim environments, as the malware was designed to steal credentials. The event prompts urgent scrutiny of dependency management and credential security for maintainers of high-profile open-source projects, especially those integrated into automated security tooling.
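Because the attack relied on rewriting mutable version tags, the practical check for a workflow owner is whether any `uses:` reference to the affected actions resolves through a tag rather than a full commit SHA, and whether Trivy container pulls rely on a tag without an image digest. The script below is an added example, not code from this report or from the Trivy project; it assumes the DockerHub image name `aquasec/trivy`, and the workflow excerpt it scans is constructed for illustration.

```python
import re

# Action repositories whose tags were force-pushed in the incident.
WATCHED_ACTIONS = ("aquasecurity/trivy-action", "aquasecurity/setup-trivy")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")  # immutable commit reference
# "- uses: owner/repo[/path]@ref" with optional leading dash and indentation.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+)(?:/[\w./-]+)?@(\S+)")
# Trivy image reference, optional tag, optional sha256 digest (name is an assumption).
IMAGE_RE = re.compile(
    r"\b((?:[\w.-]+/)?aquasec/trivy)(?::([\w.-]+))?(?:@sha256:([0-9a-f]{64}))?"
)

DIGEST = "ab" * 32  # constructed placeholder digest, not a real image digest
# Constructed workflow excerpt mixing pinned and unpinned references.
SAMPLE_WORKFLOW = f"""\
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.0
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.28.0
        with:
          scan-type: fs
      - name: Pinned
        uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567
      - run: docker run --rm aquasec/trivy:0.69.4 image alpine:3.19
      - run: docker run --rm aquasec/trivy:0.69.4@sha256:{DIGEST} fs .
"""


def find_mutable_refs(workflow_text: str) -> list[tuple[int, str, str]]:
    """Return (line_no, reference, reason) for every watched reference
    that can be silently redirected: a tag/branch ref or an undigested image."""
    findings = []
    for n, line in enumerate(workflow_text.splitlines(), 1):
        m = USES_RE.match(line)
        if m:
            repo, ref = m.group(1), m.group(2)
            if repo in WATCHED_ACTIONS and not SHA_RE.fullmatch(ref):
                findings.append((n, f"{repo}@{ref}", "action ref is a mutable tag, not a commit SHA"))
            continue
        for m in IMAGE_RE.finditer(line):
            if not m.group(3):  # no @sha256: digest -> tag can be repointed
                findings.append((n, m.group(0), "image pulled by tag without sha256 digest"))
    return findings


if __name__ == "__main__":
    for line_no, ref, reason in find_mutable_refs(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {ref}: {reason}")
```

Pinning to a SHA or digest does not by itself tell you whether the pinned object is clean, so a hit here is a prompt to compare the resolved commit or digest against a release you have verified.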
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: supply-chain-attack, github-actions, docker, malware, CVE-2026-33634
- **Credibility**: unverified
- **Published**: 2026-03-31 19:27:17
- **ID**: 43844
- **URL**: https://whisperx.ai/en/intel/43844