{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifjun4ihy6nyk6okvvchi6sgp2yxlaho6arpocnu4wmcpg2gjh6pi",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mhrnot62tw22"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreie63sgk6czhlgci2dm5utc4qht7emcckrfvst6jd3yh6a33d2gcnu"
    },
    "mimeType": "image/jpeg",
    "size": 83142
  },
  "path": "/hackers-hijacked-trivy-github-actions-to-steal-ci-cd-secrets/",
  "publishedAt": "2026-03-23T07:32:25.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets",
    "VPN Central"
  ],
  "textContent": "Organizations that used compromised Trivy components on March 19 and March 20, 2026 should treat their CI/CD secrets as exposed and rotate them immediately. Aqua Security says attackers used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 trivy-action tags to malicious commits, and replace all 7 setup-trivy tags. This attack […]\n\nThe post Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets appeared first on VPN Central.",
  "title": "Hackers hijacked Trivy GitHub Actions to steal CI/CD secrets"
}