Parodia
  • Communities
  • Multi-communities
  • Support Lemmy
  • Search
  • Login
  • Sign Up
Docker@programming.devbysteam_lover@sh.itjust.worksbot account
3 months

Trivy supply chain compromise: What Docker Hub users should know

www.docker.com
0
    Trivy supply chain compromise: What Docker Hub users should know | Docker
    www.docker.com
    On March 19, 2026, threat actors compromised Aqua Security's CI/CD pipeline and used stolen credentials to push backdoored versions of the aquasec/trivy vulnerability scanner to Docker Hub. A second wave of compromised images followed on March 22. The malicious images contained an infostealer targeting CI/CD secrets, cloud credentials, SSH keys, and Docker configurations. This post summarizes what happened, what Docker did in response, and what you should do if you use Trivy.
    You must log in or register to comment.

    Docker@programming.dev

    docker@programming.dev

    Subscribe from remote instance

    Create post

    Report community

    Modlog
    You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !docker@programming.dev
    Visibility: Public

    This community is visible to everyone.

    • 9 users / Day
    • 9 users / Week
    • 9 users / Month
    • 10 users / 6 months
    • 10 posts
    • 1 comment
    • 1 local subscriber
    • 1.46K subscribers
    • BE: 1.0.0-beta.0
    • Modlog
    • Legal
    • Instances
    • Docs
    • Code
    • join-lemmy.org