
A supply chain attack has compromised nearly every version tag of the GitHub Actions used to run Aqua Security's Trivy vulnerability scanner, putting the developers and organizations that rely on them for security checks at significant risk. The incident, confirmed by maintainer Itay Shakury on Friday, began early Thursday when attackers used stolen credentials to force-push malicious updates over existing repository tags.
Trivy, which has 33,200 stars on GitHub, scans for vulnerabilities and hardcoded secrets in software development pipelines. Git tags are mutable references, so in this attack the threat actors bypassed the usual protection against rewriting published history by force-pushing all but one trivy-action tag and seven setup-trivy tags so that they pointed at commits carrying malicious dependencies. Any workflow that referenced an affected tag by name picked up the altered code on its next run.
Shakury advised users who may have run a compromised tag to treat every secret available to the pipeline as compromised and rotate it immediately. The malware, present in 75 compromised trivy-action tags, systematically searches the build environment for sensitive data such as GitHub tokens, cloud credentials, SSH keys, and Kubernetes tokens.
Security firms Socket and Wiz reported that the malicious code encrypts the stolen secrets and transmits them to attacker-controlled servers. Any CI/CD workflow that references a compromised tag executes this code as soon as the Trivy scan step runs, potentially exposing the infrastructure those secrets protect.
Overwritten version tags include @0.34.2, @0.33, and @0.18.0, all commonly referenced in development workflows. The @0.35.0 tag was not force-pushed and remains unaffected. The attack illustrates how a single compromised tool in the supply chain can affect many downstream pipelines at once.
This incident underscores the importance of monitoring for force pushes in version control systems, since a force push silently replaces the commit a tag or branch points to. Developers should verify their dependencies, update to known-good versions, and, because a tag name is not a stable identifier, pin third-party actions to a full commit SHA rather than a tag so that a moved tag cannot change what the workflow runs.
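The two practical checks above, pinning actions to a commit SHA and watching for tags that move, can both be automated. The following script is an added example written for this article; it is not code from Aqua Security, Trivy, Socket or Wiz. The workflow file, the tag snapshot and the `git ls-remote --tags` output it works on are constructed sample data with placeholder commit hashes, and the setup-trivy tag name in the sample is an assumption. The first function flags any `uses:` entry that references a tag or branch instead of a 40-character commit SHA; the second compares a previously recorded tag-to-commit snapshot with fresh `ls-remote` output, which is how a force-pushed release tag becomes visible from the outside even when you cannot see the repository's push history.

```python
"""Detect mutable action references and moved release tags (added example)."""
import re
from typing import Dict, List, Tuple

SHA40 = re.compile(r"^[0-9a-f]{40}$")
# Matches `uses: owner/repo[/path]@ref`; local `./path` actions carry no `@`
# and therefore never match, which is what we want (they cannot be retagged).
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^@\s'\"]+)@([^\s'\"#]+)")


def find_unpinned_uses(workflow_text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, action, ref) for every action whose ref is not a
    full commit SHA. docker:// references are skipped; they are pinned by
    image digest, a different check."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m or m.group(1).startswith("docker://"):
            continue
        action, ref = m.group(1), m.group(2)
        if not SHA40.match(ref):
            findings.append((lineno, action, ref))
    return findings


def parse_ls_remote_tags(output: str) -> Dict[str, str]:
    """Turn `git ls-remote --tags <url>` output into {tag: commit}.
    An annotated tag is listed twice: `refs/tags/X` (the tag object) and
    `refs/tags/X^{}` (the commit it resolves to). The peeled commit is what a
    workflow actually checks out, so it takes precedence."""
    tags: Dict[str, str] = {}
    peeled: Dict[str, str] = {}
    for line in output.splitlines():
        if not line.strip():
            continue
        sha, ref = line.split(None, 1)
        ref = ref.strip()
        if not ref.startswith("refs/tags/"):
            continue
        name = ref[len("refs/tags/"):]
        if name.endswith("^{}"):
            peeled[name[:-3]] = sha
        else:
            tags[name] = sha
    tags.update(peeled)
    return tags


def find_moved_tags(baseline: Dict[str, str],
                    current: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Tags present in both snapshots whose commit changed. A release tag
    should never move; a change means it was force-pushed or recreated."""
    return {t: (baseline[t], current[t])
            for t in baseline if t in current and baseline[t] != current[t]}


# --- constructed sample data (placeholder hashes, not real commits) ---------
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # pinned
      - uses: aquasecurity/setup-trivy@v0.2.0
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.34.2
        with:
          scan-type: fs
      - uses: ./.github/actions/local-step
"""

# Snapshot taken before the incident (placeholder hashes).
BASELINE_TAGS = {"0.18.0": "1" * 40, "0.33": "2" * 40,
                 "0.34.2": "3" * 40, "0.35.0": "c" * 40}

# What `git ls-remote --tags` might return afterwards: three tags re-pointed,
# 0.35.0 untouched and shown as an annotated tag with its peeled commit.
SAMPLE_LS_REMOTE = "\n".join([
    "e" * 40 + "\trefs/tags/0.18.0",
    "f" * 40 + "\trefs/tags/0.33",
    "a" * 40 + "\trefs/tags/0.34.2",
    "d" * 40 + "\trefs/tags/0.35.0",
    "c" * 40 + "\trefs/tags/0.35.0^{}",
])

if __name__ == "__main__":
    for lineno, action, ref in find_unpinned_uses(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {action}@{ref} is not pinned to a commit SHA")
    moved = find_moved_tags(BASELINE_TAGS, parse_ls_remote_tags(SAMPLE_LS_REMOTE))
    for tag, (old, new) in sorted(moved.items()):
        print(f"tag {tag} moved: {old[:12]} -> {new[:12]}")
```

In real use, replace `SAMPLE_LS_REMOTE` with the output of `git ls-remote --tags https://github.com/aquasecurity/trivy-action` and keep the baseline snapshot in your own repository; a tag that moves between two runs is a signal to stop and investigate before any workflow referencing it runs again. Pinning to a SHA removes the exposure entirely, since a retagged release cannot change which commit a SHA resolves to.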



