Trivy supply chain breach compromises over 1,000 SaaS environments, Lapsus$ joins the extortion wave

A pattern of persistent access: This is the second compromise affecting the Trivy ecosystem within roughly a month. Socket identified compromised Aqua Trivy VS Code extension releases on OpenVSX in late February, and now trivy-action, Trivy’s official GitHub Action for running scans in CI/CD workflows, has been abused through manipulated version tags to distribute malicious code across pipelines.

“Repeated compromises of the same vendor in a short period suggest a persistent weakness,” said Cory Michal, CSO of SaaS security management company AppOmni. He said the method reflects a broader pattern. Rather than targeting victims individually, attackers compromised the organization behind a trusted supply-chain component and used its GitHub repository and mutable version tags to reach downstream users at scale.

“Many organizations still allow build systems and developers to automatically pull in third-party code from the internet with limited review and too much implicit trust,” Michal said. “Convenience and speed in modern software delivery have outpaced governance.”

Isaac Evans, founder and CEO of Semgrep, said the incident shows how easily broken pipeline trust can be re-exploited. “Defenders need to adopt the same mindset as attackers, continuously probing their own surface and verifying the integrity of their pipelines, rather than relying on static controls or assumed trust,” he said.

As the fallout continues to unfold, Aqua Security and Mandiant are still working to fully contain the damage.

Where things stand: In a Tuesday update, Aqua Security said it has engaged incident response firm Sygnia. Credential revocation and rotation across all environments remains ongoing. The company maintained that its commercial products are architecturally isolated from the compromised open-source environment and remain unaffected.

According to CyberScoop, Mandiant said it has not yet determined how the original credentials were first stolen, and believes the initial theft likely occurred outside the direct victim’s environment, possibly through a business process outsourcer or partner organization.

For AppOmni’s Michal, the incident is a warning that the industry’s approach to third-party code needs to fundamentally change. “Organizations need stronger controls around what external code they allow, how it is approved, how it is pinned, and how changes are monitored before that code is trusted inside production or SaaS-connected environments,” he said.
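The article's point about mutable version tags and pinning can be turned into a concrete check that runs in a repository before a workflow is merged. The script below is an added example, not code from the article, from Aqua Security, or from AppOmni: it scans a GitHub Actions workflow for `uses:` references that resolve through a mutable tag or branch rather than a full commit SHA, which is the reference form an attacker who controls the upstream repository cannot silently move. The workflow text, the action names other than `aquasecurity/trivy-action`, the version string and the 40-character SHA in it are constructed for illustration.

```python
import re

# Constructed sample workflow (not from the article). It mixes reference
# styles so that each branch of the classifier is exercised:
#   - a tag ("v4", "0.0.0-example") that the upstream owner can re-point
#   - a full commit SHA, which is immutable
#   - a local action and a Docker image, which GitHub resolves differently
#   - a branch name, which moves on every push
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@0.0.0-example
        with:
          scan-type: fs
      - uses: example-org/upload@0123456789abcdef0123456789abcdef01234567 # constructed SHA
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
      - uses: example-org/tool@main
"""

# Matches the reference after "uses:"; stops at whitespace or a "#" comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.MULTILINE)
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(ref: str) -> str:
    """Classify one `uses:` reference by how stable it is.

    Returns one of: 'local', 'docker-digest', 'docker-tag', 'sha',
    'tag', 'branch', 'unpinned'. Only 'sha' and 'docker-digest' are
    immutable; everything else can be re-pointed by whoever controls
    the upstream repository or registry.
    """
    if ref.startswith("./"):
        return "local"          # resolved from this repo's own checkout
    if ref.startswith("docker://"):
        return "docker-digest" if "@sha256:" in ref else "docker-tag"
    if "@" not in ref:
        return "unpinned"       # no version at all
    _, version = ref.rsplit("@", 1)
    if FULL_SHA_RE.match(version):
        return "sha"
    if re.match(r"^v?\d", version):
        return "tag"            # looks like a release tag, but tags are mutable
    return "branch"


# Reference kinds that should block a merge in a pinning policy.
MUTABLE_KINDS = {"tag", "branch", "unpinned", "docker-tag"}


def find_unpinned_uses(workflow_text: str) -> list[tuple[str, str]]:
    """Return (reference, kind) for every mutable `uses:` in the workflow."""
    findings = []
    for match in USES_RE.finditer(workflow_text):
        ref = match.group(1)
        kind = classify_ref(ref)
        if kind in MUTABLE_KINDS:
            findings.append((ref, kind))
    return findings


def report(workflow_text: str) -> str:
    """Human-readable summary suitable for a CI log."""
    findings = find_unpinned_uses(workflow_text)
    if not findings:
        return "OK: every action reference is pinned to an immutable digest"
    lines = [f"FAIL: {len(findings)} mutable action reference(s) found"]
    for ref, kind in findings:
        lines.append(f"  {ref}  ({kind}; pin to a full commit SHA or image digest)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_WORKFLOW))
```

Pinning to a SHA only helps if the pin is kept current, so the usual companion is a dependency-update bot that opens a pull request when the upstream publishes a new commit; that way a change to the action becomes a reviewable diff instead of an invisible tag move, which is the "how changes are monitored" half of Michal's recommendation.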

First seen on csoonline.com

Jump to article: www.csoonline.com/article/4149938/trivy-supply-chain-breach-compromises-over-1000-saas-environments-lapsus-joins-the-extortion-wave.html
