Aqua Security
2 mentions across all digests
Aqua Security is a cybersecurity company that develops and maintains Trivy, an open-source vulnerability scanner widely used in CI/CD pipelines, which suffered a supply chain compromise in March 2026.
Widely used Trivy scanner compromised in ongoing supply-chain attack
Aqua Security's Trivy vulnerability scanner was compromised via stolen credentials, allowing attackers to inject malware into 75+ pipeline action tags that silently exfiltrate GitHub tokens, cloud credentials, and SSH keys to attacker servers.
Trivy Compromised a Second Time - Malicious v0.69.4 Release
Aqua Security's widely used Trivy vulnerability scanner was compromised for the second time in three weeks, with malicious v0.69.4 shipping credential harvesting inside the setup-trivy GitHub Action.