Trivy GitHub Actions Hijacked: 75 Tags Compromised to Steal CI/CD Secrets
What Happened — The open‑source vulnerability scanner Trivy, maintained by Aqua Security, suffered a second supply‑chain compromise within a month. Attackers injected malicious code into the official GitHub Actions aquasecurity/trivy-action and aquasecurity/setup-trivy, hijacking 75 tags to exfiltrate CI/CD secrets from downstream pipelines.
Why It Matters for TPRM —
- Supply‑chain attacks bypass traditional perimeter defenses, exposing third‑party tooling risks.
- Stolen CI/CD credentials can lead to broader infrastructure compromise across multiple environments.
- Continuous‑integration pipelines are a high‑value target for attackers seeking privileged access.
Who Is Affected — Organizations that integrate Trivy actions into their build pipelines, spanning SaaS developers, cloud‑native platforms, fintech services, and any enterprise relying on automated container scanning.
Recommended Actions —
- Immediately audit all pipelines that reference aquasecurity/trivy-action or aquasecurity/setup-trivy.
- Rotate any CI/CD secrets that may have been exposed.
- Consider temporary removal of the actions until the repositories are verified clean.
- Implement strict provenance checks for third‑party GitHub Actions.
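An added audit helper (not code from the advisory, Aqua Security or The Hacker News) that scans a workflow file for the two named actions and flags any reference not pinned to a full commit SHA, since a mutable tag or branch is exactly what a tag hijack rewrites. The sample workflow and its version strings are constructed for illustration.

```python
import re

# Constructed sample workflow (not from the advisory) mixing a mutable tag,
# a full-SHA pin, a branch reference and an unrelated action.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.0
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567
      - uses: aquasecurity/trivy-action@master
"""

# The two actions named in the advisory.
WATCHED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(text):
    """Return (line_no, reference, reason) for every risky `uses:` line.

    A reference is risky when it names a watched action and is not pinned
    to a 40-hex commit SHA: tags and branches can be moved by whoever
    controls the repository, a SHA cannot.
    """
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if ref.startswith("./") or ref.startswith("docker://"):
            continue  # local or container actions are not resolved via GitHub tags
        action, _, version = ref.partition("@")
        if action not in WATCHED_ACTIONS:
            continue
        if not version:
            findings.append((n, ref, "no version given"))
        elif not SHA_RE.match(version):
            findings.append((n, ref, f"mutable ref {version!r}; pin to a full commit SHA"))
    return findings


if __name__ == "__main__":
    for n, ref, reason in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {n}: {ref}: {reason}")
```

Pinning to a SHA only defeats tag rewriting; the pinned commit itself still has to be reviewed before it is trusted.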
Technical Notes — Attack vector: supply‑chain compromise of GitHub Actions via tag hijacking (third‑party dependency). No public CVE; the malicious payload harvested environment variables containing tokens, API keys, and other secrets. Data types exfiltrated: CI/CD service accounts, Docker registry credentials, cloud provider keys. Source: The Hacker News