If your CI/CD process uses Trivy (tag:latest or v.0.69.4), please read this:
Trivy image has been compromised for around 3 hours between Thursday 19.3 and Friday 20.3. The InfoStealer scanned for CI/CD tokens, Kubernetes credentials, SSH-keys and basically everything you can get your hands on while on the CI/CD job.
There is also possibility of injecting malware into any images made through this process.
SO IF YOU ARE USING THE TRIVY IMAGE AS PART OF YOUR CI/CD, PLEASE MAKE SURE TO:
CHECK THE VERSION (LATEST OR VERSION 0.69.4)
IF USING THE VULNERABLE VERSION, CHANGE YOUR TOKENS / INFO USED IN THE PROCESS
REMAKE ANY IMAGES (IN THE CONTAINER REGISTRY, etc) WITH NON-VULNERABLE VERSIONS AND USE THEM
More informaion, see for example: https://www.wiz.io/blog/trivy-compromised-teampcp-supply-chain-attack