Aqua Security · Aquasecurity/Setup-Trivy · CVE-2026-33634
**Name of the Vulnerable Software and Affected Versions**
- aquasecurity/trivy version 0.69.4
- aquasecurity/trivy versions 0.69.5 through 0.69.6
- aquasecurity/trivy-action versions 0.0.1 through 0.34.2
- aquasecurity/setup-trivy versions 0.2.0 through 0.2.6
**Description**
A supply chain attack occurred in which a threat actor used compromised credentials to publish malicious versions of the Trivy security scanner and its associated GitHub Actions. The attacker published a malicious release of the Trivy binary and container image, and force-pushed malicious commits to existing version tags of the `aquasecurity/trivy-action` and `aquasecurity/setup-trivy` actions, so that workflows referencing those tags silently picked up the malicious code. The malicious code is an infostealer that runs before the legitimate scan: it dumps `Runner.Worker` process memory via `/proc/<pid>/mem` and sweeps the filesystem for SSH keys, cloud credentials (AWS, GCP, Azure), Kubernetes tokens, Docker configurations, `.env` files, database credentials, and cryptocurrency wallets. Stolen data is encrypted using AES-256-CBC with RSA-4096 hybrid encryption and transmitted to attacker-controlled infrastructure. If primary exfiltration fails and the `INPUT GITHUB PAT` variable is set, the malware creates a public repository named `tpcp-docs` on the victim's GitHub account and uploads the stolen data there. This campaign has affected over 1,000 SaaS environments, including the European Commission's Europa platform on AWS.
**Recommendations**
- Update aquasecurity/trivy to version 0.69.2 or 0.69.3.
- Update aquasecurity/trivy-action to version 0.35.0, or use `v`-prefixed tags (e.g., `v0.34.0`) for versions older than 0.35.0.
- Update aquasecurity/setup-trivy to version 0.2.6.
- Immediately rotate all secrets accessible to affected pipelines if a compromised version was executed.
- Remove any affected artifacts of Trivy v0.69.4 from the environment.
- Review workflow run logs from March 19–20, 2026, for any workflows using `aquasecurity/trivy-action` or `aquasecurity/setup-trivy` that referenced version tags instead of full commit SHAs.
- Check for the presence of repositories named `tpcp-docs` in the GitHub organization.
- Pin GitHub Actions to full, immutable commit SHA hashes instead of using mutable version tags.
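As an added example (not part of this advisory or of the Trivy project), the following Python check supports the last two recommendations: it reports `uses:` references to the two affected actions that point at a mutable tag or branch rather than a full commit SHA, and rewrites such references to SHAs the caller has verified. The action names come from the advisory; the sample workflow and the placeholder SHA are constructed.

```python
import re

# Actions the advisory says had their version tags force-pushed.
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}

# Matches "uses: owner/repo[/path]@ref" (bare or quoted) in workflow YAML.
USES_RE = re.compile(
    r"""^(?P<lead>[ \t]*-?[ \t]*uses:[ \t]*['"]?)(?P<action>[\w.-]+/[\w./-]+)"""
    r"""@(?P<ref>[^\s'"#]+)(?P<trail>['"]?)""",
    re.MULTILINE,
)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample workflow: two affected actions pinned by tag, one by SHA.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  trivy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/setup-trivy@v0.2.3
      - name: Run Trivy
        uses: aquasecurity/trivy-action@0.33.1
      - uses: "aquasecurity/trivy-action@0123456789abcdef0123456789abcdef01234567"
"""

def find_mutable_refs(workflow_text, only_affected=True):
    """Return (action, ref) pairs that use a tag/branch instead of a full 40-hex
    commit SHA; with only_affected=False every action in the file is checked."""
    findings = []
    for m in USES_RE.finditer(workflow_text):
        action, ref = m.group("action"), m.group("ref")
        if only_affected and action not in AFFECTED_ACTIONS:
            continue
        if not FULL_SHA_RE.match(ref):
            findings.append((action, ref))
    return findings

def pin_to_sha(workflow_text, pins):
    """Rewrite 'uses: action@tag' to 'uses: action@<sha>  # tag' for each
    (action, tag) key in pins; the SHAs must be ones the caller has verified."""
    def repl(m):
        key = (m.group("action"), m.group("ref"))
        if key not in pins:
            return m.group(0)
        return (f"{m.group('lead')}{m.group('action')}@{pins[key]}"
                f"{m.group('trail')}  # {m.group('ref')}")
    return USES_RE.sub(repl, workflow_text)
```

Run `find_mutable_refs` over every file under `.github/workflows/` to list references that need review, and feed the SHAs you have verified into `pin_to_sha` to rewrite them.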