Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
From BleepingComputer to All on Sat Mar 21 13:36:00 2026
The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions. [...]