Trivy Vulnerability Scanner Compromised in Supply Chain Attack
A widespread supply chain attack has compromised virtually all versions of Aqua Security’s Trivy vulnerability scanner, potentially impacting a large number of developers and organizations. The attack, discovered in early March 2026, involved malicious actors gaining access to maintainer credentials and injecting malicious dependencies into the widely used tool.
Details of the Compromise
The compromise began on Thursday, March 19, 2026, when attackers used stolen credentials to force-push changes to all but one of the trivy-action tags and seven setup-trivy tags. A forced push bypasses standard Git safety mechanisms, allowing for the overwriting of existing commits. Aqua Security confirmed the incident following reports and a now-deleted thread from the attackers.
Trivy is a popular vulnerability scanner used by developers to identify security flaws and inadvertently exposed secrets within their software development pipelines. It boasts over 33,200 stars on GitHub, indicating its widespread adoption.
Malware Functionality and Impact
Security firms Socket and Wiz have reported that the malware, present in 75 compromised trivy-action tags, actively searches for sensitive information within development pipelines. This includes GitHub tokens, cloud credentials, SSH keys, and Kubernetes tokens. Upon discovery, the malware encrypts the data and transmits it to a server controlled by the attackers.
The malicious code executes whenever a CI/CD pipeline utilizes a compromised version of Trivy, effectively turning the scanning process into a vector for data theft. Affected version tags include the commonly used @0.34.2, @0.33, and @0.18.0. Version @0.35.0 appears to be the only unaffected version.
Recommended Actions
Itay Shakury, VP of Open Source at Aqua Security, strongly advises users who suspect they may have run a compromised version of Trivy to immediately treat all pipeline secrets as compromised and rotate them. Aqua Security has partnered with Root to strengthen open source security, and is working to address the vulnerabilities.
Mitigation and Further Information
Developers and organizations are urged to review their CI/CD pipelines and ensure they are using the unaffected @0.35.0 version of Trivy. Regularly updating dependencies and implementing robust security practices are crucial to mitigating the risk of supply chain attacks.
Keep reading