Trivy Attack Escalates: Malicious Docker Images Found

Following a major supply chain compromise, cybersecurity researchers discovered malicious Docker images for the Trivy vulnerability scanner on Docker Hub, where threat actors posted Trojanized versions as recently as March 22, 2026. The attack, attributed to the group TeamPCP, originally involved a compromised credential to push a credential stealer within the open-source scanner and related GitHub Actions.

According to a report from Socket security researcher Philipp Burckhardt, the malicious image tags 0.69.5 and 0.69.6 did not have corresponding GitHub releases. Consequently, the attack’s blast radius has expanded dramatically, with TeamPCP leveraging stolen data to compromise dozens of npm packages to distribute the CanisterWorm.

Meanwhile, the attackers have defaced all 44 internal repositories in Aqua Security‘s “aquasec-com” GitHub organization in a scripted two-minute burst. A forensic analysis by OpenSourceMalware assessed with high confidence that a compromised “Argon-DevOps-Mgt” service account token was the attack vector, providing write access to both of the security vendor’s GitHub organizations.

The campaign showcases the group’s growing sophistication, now moving beyond credential theft to destructive wiper malware. A new payload identified by researcher Charlie Eriksen targets Iranian Kubernetes nodes for wiping, while non-Iranian systems are infected with the CanisterWorm backdoor. This evolution highlights a significant threat to the security vendor ecosystem itself, turning its own tools against it.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

• Iran Pressures BRICS to Mediate in US-Israel Conflict, Strains India
• SMCI Stock Plunges Amid Nvidia China Probe
• Bithumb to Reappoint CEO Amid Regulatory Scrutiny
• Strategic Strait Closure Sparks Historic Oil Shock, $126 Brent
• CoinDCX Founders Clear Themselves of “False” Fraud FIR