Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Released on 2026-03-25 @ 04:25:05 AM

On March 19, 2026, Trivy, an open-source vulnerability scanner, was compromised in a sophisticated CI/CD supply chain attack. The threat actors, identified as TeamPCP, injected credential-stealing malware into official Trivy releases, affecting both the core binary and the project's GitHub Actions. The attack exploited mutable tags and commit identity spoofing on GitHub. The malware performed extensive credential harvesting, targeting cloud provider credentials, Kubernetes secrets, and a range of application credentials. Microsoft Defender provides detection and investigation capabilities for this threat. Recommended mitigations include updating to safe versions, hardening CI/CD pipelines, enforcing least privilege, protecting secrets, and using attack path analysis to reduce the risk of lateral movement.
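Because the compromise relied on mutable tags, one concrete pipeline-hardening check is to audit workflow files for `uses:` references that are not pinned to a full commit SHA. The script below is an added example written for this summary; it is not code from the article, from Trivy, or from Microsoft. The workflow text is constructed, the `example-org/scanner-action` name is hypothetical, and the 40-character SHA is a made-up value, not a real commit.

```python
import re

# A "uses:" line in a GitHub Actions workflow: owner/repo(/path)@ref
# Optional leading "-" covers both "- uses:" and "  uses:" forms.
USES_RE = re.compile(r'^\s*-?\s*uses:\s*["\']?([^\s"\']+)["\']?')

# A full commit SHA is the only immutable reference form.
SHA_RE = re.compile(r'^[0-9a-fA-F]{40}$')


def classify_ref(ref):
    """Return 'sha', 'tag' or 'branch' for the part after '@'."""
    if SHA_RE.match(ref):
        return "sha"
    # Tags such as v4, 1.2.3 or v1.2.3 can be moved to a different commit.
    if ref.startswith("v") or re.match(r'^\d', ref):
        return "tag"
    # Anything else (main, master, release/x) is a branch name.
    return "branch"


def audit_workflow(text):
    """Return a list of findings for every action not pinned to a commit SHA.

    Each finding is a dict with line, action, ref and kind.
    Local actions (./path) and docker:// references are skipped: they are
    resolved differently and are not the mutable-tag problem this checks.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        target = m.group(1)
        if target.startswith("./") or target.startswith("docker://"):
            continue
        if "@" not in target:
            findings.append({"line": lineno, "action": target,
                             "ref": "", "kind": "unpinned"})
            continue
        action, ref = target.rsplit("@", 1)
        kind = classify_ref(ref)
        if kind != "sha":
            findings.append({"line": lineno, "action": action,
                             "ref": ref, "kind": kind})
    return findings


# Constructed sample workflow. The SHA is a placeholder, not a real commit,
# and example-org/scanner-action is a hypothetical action name.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # pinned (placeholder SHA)
      - uses: example-org/scanner-action@master   # hypothetical action, mutable branch
      - uses: example-org/scanner-action@1.2.3    # hypothetical action, mutable tag
      - name: local helper
        uses: ./.github/actions/helper
"""


if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['action']}@{f['ref']} is a {f['kind']} reference; pin to a commit SHA")
```

Run against a real repository by reading each file under `.github/workflows/` and passing its contents to `audit_workflow`. Pinning to a SHA removes the mutable-tag vector but does not verify that the pinned commit itself is clean, so the pin should be combined with review of the referenced commit and with a tool or process that updates pins deliberately rather than by following tags.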