Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper Security researchers found trojanized Trivy images and other malicious artifacts on Docker Hub following a Trivy supply-chain compromise that widened the blast radius across developer environments. The campaign, attributed to TeamPCP, used a compromised Aqua Security GitHub Actions credential to push a credential stealer, deface repositories, infect npm packages with CanisterWorm,...

Trivy supply-chain attack spreads infostealer via trojanized Docker images (v0.69.4–0.69.6), linked to TeamPCP. Campaign includes npm infection, Kubernetes wiper, and backdoor payloads. #DockerAttack #DevOpsRisk #Malaysia