Aqua Security’s popular open-source tool, Trivy, has been compromised in a sophisticated supply chain attack. Exploiting stolen credentials, attackers turned the trusted vulnerability scanner into a tool for credential theft, impacting numerous CI/CD pipelines.
Details of the Attack
The breach began in late February 2026 when a misconfiguration in Trivy’s GitHub Actions environment was exploited, allowing the extraction of a privileged access token. Although the Trivy team disclosed the breach and rotated credentials on March 1, the response was incomplete, enabling attackers to maintain access with some valid credentials.
On March 19, the attackers escalated their activities by force-pushing malicious commits to the aquasecurity/trivy-action repository and modifying all seven tags in aquasecurity/setup-trivy. These actions led to the distribution of a backdoored version of Trivy, labeled as 0.69.4, through automated release pipelines.
Impact and Response
The modified Trivy version executed malicious payloads before legitimate scanning processes, collecting sensitive information such as API tokens, cloud provider credentials, and more. This data was then exfiltrated to attacker-controlled infrastructure. The attack specifically targeted users relying on mutable version tags.
Aqua Security’s commercial offerings were unaffected due to isolated architecture and stringent controls. The company collaborated with Sygnia to quickly move from containment to remediation, removing malicious releases and conducting comprehensive credential revocations.
Community Efforts and Future Precautions
The broader security community played a pivotal role in mitigating the attack’s impact. Contributions from Aikido Security and CrowdStrike were crucial in raising awareness and aiding response efforts. Given Trivy’s open-source nature, community collaboration was vital to notify users of the threat.
Security teams are advised to audit their environments for the compromised versions and update to safe releases. Immediate rotation of exposed secrets is critical, and organizations should monitor network and host-based indicators for potential exfiltration activities.
Conclusion and Recommendations
This incident underscores the importance of robust security practices in open-source projects. Aqua Security’s rapid response and the community’s collaborative efforts highlight the power of joint action in cybersecurity. Continuous vigilance and proactive security measures are essential to safeguard against such sophisticated threats.
