A sophisticated supply chain attack targeting Aqua Security’s widely used open-source vulnerability scanner, Trivy. A threat actor leveraged compromised credentials to distribute malicious releases, turning a trusted security tool into a mechanism for large-scale credential theft across CI/CD pipelines. The incident remains an ongoing and evolving investigation, with attackers actively weaponizing stolen credentials across the […] The post Aqua Security’s Trivy Scanner Compromised in Supply Chain Attack appeared first on Cyber Security News.