{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreichdp4bsnnlm5cosqtr3vqvkp22tvqx2y3dy2g55m4pt5dsuxjxt4",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mhjcbo4ish72"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreid44vbvpk6fz2oomgymu7ewxpgxhj2dfbhqtlbqli4nm2rkhfnikm"
    },
    "mimeType": "image/jpeg",
    "size": 221578
  },
  "path": "/2026/03/trivy-security-scanner-github-actions.html",
  "publishedAt": "2026-03-20T17:47:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Trivy, a popular open-source vulnerability scanner maintained by Aqua Security, was compromised a second time within the span of a month to deliver malware that stole sensitive CI/CD secrets.\nThe latest incident impacted GitHub Actions \"aquasecurity/trivy-action\" and \"aquasecurity/setup-trivy,\" which are used to scan Docker container images for vulnerabilities and set up GitHub Actions workflow",
  "title": "Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets"
}