Aqua Security’s vulnerability scanner, Trivy, suffered a sophisticated CI/CD supply chain compromise. The threat actor, identified as TeamPCP, leveraged prior incomplete remediation to inject credential-stealing malware into official releases. This incident, tracked as CVE-2026-33634, successfully weaponized a trusted security tool against the organizations relying on it to stay safe. This visualizes the attack propagation timeline […]
The post Microsoft Unveils New Guidance to Detect and Defend Against Trivy Supply Chain Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.