Trivy hit by TeamPCP supply-chain attack through GitHub Actions
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors TeamPCP, who backdoored the Trivy GitHub build process and trojanized releases and related GitHub Actions (notably v0.69.4). This allowed an infostealer to harvest credentials and other secrets from GitHub Actions runners, CI configs, and local developer environments, exfiltrating data to a typosquatted C2 server or via a public repo. Attackers gained write access to publish malicious releases and force-push most tags, making detection difficult; Aqua Security linked the breach to an earlier credential exfiltration and noted token rotation wasn't atomic. The incident is connected to a follow-up CanisterWorm npm campaign by the same actor. Remediation includes rotating all secrets, auditing for compromise, and investigating for persistence across environments.
