Trivy, a popular open-source vulnerability scanner, was compromised a second time within a month to deliver malware via GitHub Actions, affecting the aquasecurity/trivy-action and aquasecurity/setup-trivy repositories. According to The Hacker News, an attacker force-pushed 75 of 76 version tags in the trivy-action repository to point to malicious commits containing an infostealer payload, enabling data theft from CI/CD environments.
The malicious code is described as capable of harvesting environment variables and credentials such as SSH keys, cloud provider credentials, database, Git, and Docker configurations, Kubernetes tokens, and cryptocurrency wallets, and of exfiltrating the data to the attacker-controlled domain scan.aquasecurtiy[.]org. The article notes that the incident follows a prior breach linked to an autonomous bot, hackerbot-claw, and discusses attribution signs pointing to TeamPCP, though the actor remains unconfirmed.
It urges affected users to rotate secrets, block the exfiltration domain and IP 45.148.10[.]212, and to pin GitHub Actions to full SHA hashes rather than version tags.
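As an added example (not part of the article or the Trivy project), the check below flags `uses:` references in a GitHub Actions workflow that still point at a tag or branch rather than a full 40-hex commit SHA, which is the pinning the article recommends; the workflow text and the 40-hex value in it are constructed samples, not real versions or commits.

```python
import re
from typing import List, Tuple

# Constructed sample workflow (not from the page). The first two steps use
# mutable tags, which a force-pushed tag can silently redirect to another
# commit; the third pins a full SHA (a constructed dummy, not a real
# trivy-action commit); the last is a local action, which has no remote tag.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.0
      - uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567 # v0.28.0
      - uses: ./.github/actions/local-step
"""

# Captures the action reference after "uses:", stopping at whitespace or a comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_actions(workflow_text: str) -> List[Tuple[int, str]]:
    """Return (line number, reference) for every remote action that is not
    pinned to a full 40-hex commit SHA (tags, branches, or no ref at all)."""
    findings = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        # Local composite actions and docker:// images are outside the tag-pinning rule.
        if ref.startswith("./") or ref.startswith("docker://"):
            continue
        _, _, version = ref.partition("@")
        if not FULL_SHA_RE.match(version):
            findings.append((lineno, ref))
    return findings


if __name__ == "__main__":
    for lineno, ref in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} uses a mutable ref; pin a full commit SHA")
```

Run it over each `.github/workflows/*.yml` file; an empty result means every remote action is SHA-pinned, and a tag comment after the SHA (as on the trivy-action line) keeps the intended version readable for reviewers.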