Widely used Trivy scanner compromised in ongoing supply-chain attack

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...
Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
Morning Overview on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...