On February 27 and 28, 2026, two versions of the Aqua Trivy VS Code extension (1.8.12 and 1.8.13) were published to the OpenVSX registry under the aquasecurityofficial.trivy-vulnerability-scanner namespace. These versions contained suspicious behavior, which Socket, a cybersecurity firm, quickly identified. Upon investigation, they discovered that the new versions contained malicious code not found in the […] The post Cyberattackers Use AI-Powered Exploits To Compromise OpenVSX Aqua Trivy Tools appeared first on Cyber Security News.