This page collects WhisperX intelligence signals tagged #aqua-security. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A sophisticated supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. Threat actors used stolen credentials to publish a malicious Trivy v0.69.4 release and then force-pushed 76 out of 77 version tags in the `aquasecurity/trivy-action` repository to credential-...
A critical supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release and then force-pushed 76 out of 77 version tags in the `aquasecurity/trivy-action` repos...
A sophisticated supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release and force-push 76 out of 77 version tags in the `aquasecurity/trivy-action` reposit...
A critical supply chain attack has compromised the official GitHub Actions for Aqua Security's Trivy vulnerability scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release and then force-pushed 76 out of 77 version tags in the `aquasecurity/trivy-action` repos...
A sophisticated supply chain attack has compromised the core security scanning tools of Aqua Security, directly targeting the widely used Trivy vulnerability scanner and its GitHub Actions. Threat actors, using compromised credentials, successfully published malicious releases and force-pushed nearly all version tags f...