The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing infections.

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules.

If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says.

Overview Container security tools defend cloud-native applications from being exploited through vulnerabilities. DevSecOps ...

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

A threat actor used the open source security tool to breach CI/CD workflows and steal cloud credentials, SSH keys, and other ...

Actionable ASM and ASPM platform delivers AI container vulnerability remediation with 91% reduction of false positives ...

Find return points for your beverage containers with the new website launched for Singapore's recycling scheme. Read more at ...

Trivy supply chain attack pushed malicious Docker images on March 22, enabling credential theft and worm spread, impacting cloud environments.

To get their refunds, app users can generate their personal QR code and scan it at the reverse vending machines.

RSAC 2026 Thousands of organizations' cloud environments have been infected with secret-stealing malware as a result of the Trivy supply-chain attack last week, and now the crims that compromised the ...