Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets

Organizations that used compromised Trivy components on March 19 and March 20, 2026 should treat their CI/CD secrets as exposed and rotate them immediately. Aqua Security says attackers used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 trivy-action tags to malicious commits, and replace all 7 setup-trivy tags. This attack […] The post Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets appeared first on VPN Central.