Starrers · ttweb / thesis

If your CI/CD process uses Trivy (tag:latest or v.0.69.4), please read this:

Trivy image has been compromised for around 3 hours between Thursday 19.3 and Friday 20.3. The InfoStealer scanned for CI/CD tokens, Kubernetes credentials, SSH-keys and basically everything you can get your hands on while on the CI/CD job.

There is also possibility of injecting malware into any images made through this process.

SO IF YOU ARE USING THE TRIVY IMAGE AS PART OF YOUR CI/CD, PLEASE MAKE SURE TO:

CHECK THE VERSION (LATEST OR VERSION 0.69.4)

IF USING THE VULNERABLE VERSION, CHANGE YOUR TOKENS / INFO USED IN THE PROCESS

REMAKE ANY IMAGES (IN THE CONTAINER REGISTRY, etc) WITH NON-VULNERABLE VERSIONS AND USE THEM

More informaion, see for example: https://www.wiz.io/blog/trivy-compromised-teampcp-supply-chain-attack

6 starrers: 5 public and 1 private

Jari-Matti Mäkelä

@jmjmak

May 02, 2019

Oshani Weerakoon

@osweer

Jan 25, 2024

Petri Nissilä

@pemini

Jan 04, 2022

Ujala Yousuf

@uayous

Oct 14, 2025

William Lempinen

@wislem

Sep 28, 2024

Admin message