Widely used Trivy scanner compromised in ongoing supply-chain attack

Found 21 hours ago ago at Arstechnica

Hackers have compromised virtually all versions of Aqua Securitys widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide ranging consequences for developers and the organizations that use them. Trivy maintainer Itay Shakury confirmed the compromise on Friday, following rumors and a thread , since deleted by the attackers, discussing the incident. The attack began in the early hours of Thursday. When it was done, the threat actor had used stolen...

Read the full article at Arstechnica

More Developer News

Widely used Trivy scanner compromised in ongoing supply-chain attack

Found 21 hours ago at Arstechnica

Smart Glasses Are Getting Harder To Spot In Public, But This App Can Detect Them

Found 2 days ago at Boy Genius Report

New "vibe coded" AI translation tool splits the video game preservation community

Found 4 days ago at Arstechnica

Nvidia bets on OpenClaw, but adds a security layer - how NemoClaw works

Found 4 days ago at All About Microsoft

Supply-chain attack using invisible code hits GitHub and other repositories

Found 7 days ago at Arstechnica