> TritonInfoSec News
Home / Mar 24, 2026 / Story
0
#3 BleepingComputer general March 23, 2026 at 17:40 UTC

Trivy supply-chain attack spreads to Docker, GitHub repos

By Bill Toulas

AI Summary

The TeamPCP hackers expanded their Trivy supply-chain attack by pushing malicious Docker images and hijacking Aqua Security's GitHub organization to tamper with dozens of repositories. This escalation shows how initial supply chain compromises can rapidly spread across multiple distribution channels and development platforms.

Read full article → https://www.bleepingcomputer.com/news/security/tri…

Relevance score: 90.0/100

# More from March 24

  1. 1
    Hacker walks away with $24.5 million after breaching Resolv DeFi platform The Record
  2. 2
    Trivy Supply Chain Attack Targets CI/CD Secrets Dark Reading
  3. 4
    TeamPCP deploys Iran-targeted wiper in Kubernetes attacks BleepingComputer
  4. 5
    North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware The Hacker News
  5. 6
    Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems The Hacker News
  6. 7
    Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability SecurityWeek
  7. 8
    Education company Kaplan reports data breach impacting more than 230,000 The Record
  8. 9
    Crunchyroll probes breach after hacker claims to steal 6.8M users' data BleepingComputer
  9. 10
    FBI warns of Handala hackers using Telegram in malware attacks BleepingComputer