Trivy supply-chain attack spreads to Docker, GitHub repos
Over Security - Cybersecurity news aggregator [Unofficial]
March 23, 2026
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of repositories.
Discussion in the ATmosphere