News of the day

ADVANCED SECURITY EUROPA EOOD

Beware the Trivy Trail: Unmasking the Cyber Supply Chain Attack on Docker Hub

Mar 23, 2026

Cybersecurity researchers have discovered malicious artifacts distributed via Docker Hub after a supply chain attack on Trivy, a popular open-source vulnerability scanner.
Malicious versions 0.69.4, 0.69.5, and 0.69.6 were found and removed.
The attackers also compromised GitHub repositories belonging to Aqua Security, renaming them and exposing them publicly.
The attackers leveraged stolen data to compromise npm packages and distribute a self-propagating worm called CanisterWorm.
The threat actor, known as TeamPCP, has escalated its attacks by wiping entire Kubernetes clusters in Iran using a new wiper malware.
Organizations are advised to review their use of Trivy, avoid affected versions, and consider recent executions potentially compromised.
This attack highlights the dangers of supply chain attacks and the increasing sophistication of threat actors targeting cloud infrastructure.
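
To support the review recommended above, the following Python script scans CI and container configuration text for Trivy image references and flags the three versions named in this article. It is an added example, not code from the original article or from Aqua Security. The repository paths (`aquasec/trivy`, `registry.example.com/mirror/trivy`), the function names, and the sample lines are assumptions constructed for illustration.

```python
import re

# Versions this page reports as malicious.
AFFECTED = {"0.69.4", "0.69.5", "0.69.6"}

# Assumption: the scanner image is referenced by a repository path ending in
# "/trivy" (e.g. aquasec/trivy). The lookahead skips names like trivy-action.
IMAGE_RE = re.compile(
    r"(?P<repo>(?:[\w.-]+/)+trivy)(?![\w.-])"
    r"(?::(?P<tag>\w[\w.-]*))?"
    r"(?:@(?P<digest>sha256:[0-9a-f]{64}))?"
)

def classify(tag, digest):
    """Return a verdict for one image reference."""
    version = re.match(r"v?(\d+\.\d+\.\d+)", tag or "")
    if version and version.group(1) in AFFECTED:
        return "affected"
    if digest:
        return "digest-pinned"  # map the digest to a release by hand
    if version is None:
        return "floating"       # no tag, "latest", "0.69": version unknown
    return "not-listed"

def audit(text):
    """Return (line_number, reference, verdict) for every Trivy image found."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        for match in IMAGE_RE.finditer(line):
            verdict = classify(match["tag"], match["digest"])
            findings.append((number, match.group(0), verdict))
    return findings

# Constructed sample input, not taken from any real pipeline.
SAMPLE = "\n".join([
    "image: aquasec/trivy:0.69.5",
    "run: docker run --rm aquasec/trivy:latest image app:1.0",
    "FROM registry.example.com/mirror/trivy:0.58.1",
    "uses: aquasecurity/trivy-action@master",
    "image: aquasec/trivy@sha256:" + "ab" * 32,
    "run: docker pull aquasec/trivy",
])

if __name__ == "__main__":
    for number, ref, verdict in audit(SAMPLE):
        print(f"line {number}: {ref} -> {verdict}")
```

A `floating` or `digest-pinned` verdict means the reference alone does not show which release ran, so the version that was actually pulled has to be confirmed from registry or runner logs.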
