
A supply chain attack has compromised nearly all versions of Aqua Security’s Trivy vulnerability scanner, posing significant risks to developers and organizations relying on this tool. Itay Shakury, the maintainer of Trivy, confirmed the breach on Friday after initial rumors and a deleted discussion thread about the incident. The attack commenced early Thursday, with threat actors using stolen credentials to force-push malicious dependencies into all but one trivy-action tag and seven setup-trivy tags.
Trivy is a popular scanner used to detect vulnerabilities and hardcoded secrets in software development pipelines, boasting 33,200 stars on GitHub, which indicates widespread adoption. A force push in Git bypasses the safety check that normally refuses to overwrite existing commits, so an attacker with push access can rewrite what a tag points to and insert harmful code. Shakury advised users to treat all pipeline secrets as compromised and rotate them immediately if they suspect they have run a compromised version.
Security firms Socket and Wiz reported that malware in 75 compromised trivy-action tags actively searches development pipelines, including developer machines, for sensitive data such as GitHub tokens, cloud credentials, SSH keys, and Kubernetes tokens. Once collected, this data is encrypted and transmitted to attacker-controlled servers. As a result, any CI/CD pipeline that references one of these compromised tags executes the malicious code as soon as a Trivy scan runs.
Affected version tags include widely used ones like @0.34.2, @0.33, and @0.18.0, while version @0.35.0 remains unaffected. The incident highlights how fragile supply chain security can be and the importance of monitoring Git operations, such as force pushes to tags, for unauthorized changes.
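A defender-side check for the exposure described above, added here as an example (not code from Aqua Security or from the article): it scans GitHub Actions workflow text for references to the two actions named in the article, flags the trivy-action tags the article lists as compromised, and distinguishes mutable tag references from full commit SHA pins, which a force-pushed tag cannot redirect. The tag sets contain only what the article names; the sample workflow, its setup-trivy tag and the SHA are constructed.

```python
import re
from typing import NamedTuple

# Actions the article names. The tag sets are only those the article lists;
# any mutable tag reference is still worth flagging.
AFFECTED_ACTIONS = ("aquasecurity/trivy-action", "aquasecurity/setup-trivy")
KNOWN_BAD_TAGS = {"0.34.2", "0.33", "0.18.0"}
KNOWN_UNAFFECTED_TAGS = {"0.35.0"}

# Matches a `uses: owner/repo[/path]@ref` step line; tolerates quotes and trailing comments.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?(?P<action>[\w.-]+/[\w.-]+)(?:/[^@'\"\s]*)?@(?P<ref>[^'\"\s#]+)"
)
# A full 40-hex commit SHA: force-pushing a tag moves the tag, not the commit it named.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

class Finding(NamedTuple):
    line_no: int
    action: str
    ref: str
    verdict: str  # known-bad | unaffected-tag | mutable-tag | pinned-sha

def audit_workflow(text: str) -> list[Finding]:
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m or m.group("action") not in AFFECTED_ACTIONS:
            continue
        ref = m.group("ref")
        if SHA_RE.match(ref):
            verdict = "pinned-sha"      # unaffected by tag rewrites
        elif ref in KNOWN_BAD_TAGS:
            verdict = "known-bad"       # treat every secret the job could reach as leaked
        elif ref in KNOWN_UNAFFECTED_TAGS:
            verdict = "unaffected-tag"  # clean per the article, but still mutable
        else:
            verdict = "mutable-tag"     # could be rewritten the same way
        findings.append(Finding(n, m.group("action"), ref, verdict))
    return findings

# Constructed sample workflow steps; the setup-trivy tag and the SHA are made up.
SAMPLE_WORKFLOW = """\
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v1
      - uses: aquasecurity/trivy-action@0.34.2
      - uses: "aquasecurity/trivy-action@0.35.0"
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567  # pinned
"""

print(*audit_workflow(SAMPLE_WORKFLOW), sep="\n")
```

Point `audit_workflow` at the contents of each file under `.github/workflows/` and treat any `known-bad` hit as a signal to rotate the secrets that job could reach.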



