This page collects WhisperX intelligence signals tagged #dockerhub. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical supply chain attack has compromised the official GitHub Actions for Trivy, a widely used open-source security scanner. On March 19, 2026, a threat actor used stolen credentials to publish a malicious version of Trivy (v0.69.4) and executed a sweeping hijack of the project's version history. The attacker forc...
A sophisticated supply chain attack has compromised the core security tools of Aqua Security's Trivy project, injecting credential-stealing malware into official GitHub Actions and DockerHub images. The attack, executed by a threat actor using compromised credentials, directly targeted the integrity of the Trivy vulner...
A sophisticated supply chain attack has compromised the core security tools of Aqua Security's Trivy project. Threat actors, using compromised credentials, successfully published malicious software releases and overwrote dozens of version tags with credential-stealing malware, directly targeting the software supply cha...
A threat actor has compromised the official GitHub repositories for Aqua Security's Trivy vulnerability scanner, force-pushing malicious code to dozens of version tags. The attack, which began on March 19, 2026, involved the use of stolen credentials to publish a malicious Trivy v0.69.4 release and to overwrite 76 out ...