Don't forget to pin your GitHub Actions to SHAs instead of tags, which may or may not be immutable!
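As an added example (not from any commenter), a small Python check that scans a workflow for `uses:` references that are not pinned to a full 40-hex commit SHA; the sample workflow and the SHA in it are constructed placeholders, not real values.

```python
import re

# Constructed sample workflow (not from any real repository). The 40-hex
# string is a made-up placeholder, not the real commit of any action.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@0123456789abcdef0123456789abcdef01234567 # v5.0.0
      - uses: aquasecurity/trivy-action@master
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - run: echo build
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*(\S+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(uses: str) -> str:
    """Return 'sha', 'mutable', 'local' or 'docker' for one uses: value."""
    if uses.startswith("./"):
        return "local"      # repo-local action, versioned with the repo itself
    if uses.startswith("docker://"):
        return "docker"     # image refs need digest pinning; not checked here
    _, _, ref = uses.partition("@")
    # Tags, branches and abbreviated SHAs are all treated as mutable:
    # only a full 40-hex commit SHA cannot be moved after the fact.
    return "sha" if SHA_RE.match(ref) else "mutable"


def find_unpinned(workflow_text: str) -> list[str]:
    """List every third-party action reference not pinned to a full SHA."""
    unpinned = []
    for line in workflow_text.splitlines():
        m = USES_RE.match(line)
        if m and classify_ref(m.group(1)) == "mutable":
            unpinned.append(m.group(1))
    return unpinned


if __name__ == "__main__":
    for ref in find_unpinned(SAMPLE_WORKFLOW):
        print(f"not SHA-pinned: {ref}")
```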
I don’t think “briefly compromised” is accurate. The short span between this and the previous compromise of trivy suggests that the attacker was able to persist between their two periods of activity.
The irony of your vulnerability scanner being the vulnerability.
Are the spam comments all from compromised accounts, presumably compromised due to this hack?
I only clicked on a handful of accounts but several of them have plausibly real looking profiles.
Briefly?
"Trivy Supply Chain Attack Spreads, Triggers Self-Spreading CanisterWorm Across 47 npm Packages"
https://it.slashdot.org/story/26/03/22/0039257/trivy-supply-...
This attack seems predicated on a prior security incident (https://socket.dev/blog/unauthorized-ai-agent-execution-code...) at Trivy where they failed to successfully remediate and contain the damage. I think at this time, Trivy should’ve undertaken a full reassessment of risks and clearly isolated credentials and reduced risk systemically. This did not happen, and the second compromise occurred.