Protect.Computer
NEWS

Trivy GitHub Action tags hijacked in supply-chain breach

· 1 min read · Malicious byte Data hijack
Trivy GitHub Action tags hijacked in supply-chain breach

Photo by protect.computer (custom explainer graphic) on protect.computer

What happened

A newly disclosed supply-chain incident impacted Aqua Security’s Trivy GitHub Action. According to public reporting and Aqua’s own incident discussion, attackers force-pushed malicious changes to many existing trivy-action version tags, creating a risk for pipelines that referenced mutable tags instead of pinned commit SHAs.

Because CI jobs often run with broad secrets access, compromised action tags can expose:

  • Cloud/API credentials
  • Source-control tokens
  • Build and deploy secrets
  • Internal service credentials used by automation

Why this matters

GitHub Actions are deeply trusted by build systems. When a popular action is tampered with at the tag level, downstream projects can ingest attacker code without changing their own workflow files.

This is a reminder that “pinning by tag” is not enough in high-trust pipelines.

What defenders should do now

  1. Audit all repositories for aquasecurity/trivy-action usage.
  2. Pin to known-safe immutable commit SHAs, not mutable tags.
  3. Rotate CI/CD secrets that may have been exposed.
  4. Review recent workflow logs for unusual outbound traffic or secret access patterns.
  5. Tighten GitHub Actions permissions (least privilege, short-lived credentials).

How to check if you’re affected

Affected scope: organizations or users potentially exposed to Trivy GitHub Action tags hijacked in supply-chain breach conditions should validate immediately.

Quick verification steps:

  1. Confirm your exposure surface
    • Identify whether your environment uses the affected product/service/version mentioned in this advisory.
  2. Check official advisories and indicators
    • Compare your deployed versions/configuration against vendor or authority guidance.
  3. Review logs for suspicious activity
    • Investigate authentication, admin, process, and network anomalies tied to this threat pattern.
  4. Validate mitigations are active
    • Apply patches/workarounds and re-check for failed exploit attempts or recurring indicators.

Sources

Bottom line

This is a high-priority CI/CD supply-chain event. If your organization uses Trivy actions in pipelines, validate your action references and rotate sensitive credentials immediately.

Related reading

News
BuildKit patches two high-severity build-context escape flaws (CVE-2026-33747, CVE-2026-33748)

BuildKit 0.28.1 fixes two high-severity vulnerabilities that can expose files outside expected build boundaries when using unsafe frontends or crafted Git URL subdir fragments.

News
AI-generated Slopoly malware deployed in Interlock ransomware attacks

Researchers say a likely AI-generated Slopoly backdoor helped ransomware operators maintain persistence and steal data in Interlock-linked intrusions.

News
AppsFlyer Web SDK hijack exposed websites to crypto-stealing JavaScript

AppsFlyer confirmed unauthorized code was briefly served through its Web SDK, enabling wallet-address replacement attacks in a supply-chain style compromise.

News
England Hockey investigates AiLock ransomware claim

England Hockey says it is investigating after the AiLock ransomware gang claimed to steal 129GB of data.