BOSTON and TEL AVIV, Israel, July 07, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native security and the primary maintainer of Aqua Trivy, today announced the launch of the Trivy ...
Open source Trivy plugs into the software build process and scans container images and infrastructure-as-code files for vulnerabilities and misconfigurations. Attacks on cloud-native infrastructures ...
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions.
Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company’s GitHub organization to tamper with dozens of ...
Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing supply chain attack that could have wide-ranging consequences for developers ...
‘If you suspect you were running a compromised version, treat all pipeline secrets as compromised and rotate immediately,’ Trivy maintainer says. Attackers have compromised the widely used open-source ...
A threat actor is systematically targeting cloud credentials, SSH keys, authentication tokens, and other sensitive secrets stored in automated enterprise software build and deployment pipelines after ...
Socket and Wiz confirm widespread credential theft and worm‑like propagation, with cached malicious Trivy artifacts still circulating across mirror infrastructure despite takedowns. What started as a ...
Program’s first members Echo and Minimus deliver secure-by-design image solutions to Trivy users BOSTON and TEL AVIV, Israel, July 07, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud ...