> On March 22, 2026, a threat actor used compromised credentials to publish a ma... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Shank 23 days ago \| parent \| context \| favorite \| on: Trivy under attack again: Widespread GitHub Action... > On March 22, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.5 and v0.69.6 DockerHub images. (https://github.com/aquasecurity/trivy/security/advisories/GH...) So the first incident was on March 19th and the second incident is March 22nd —- evidently the attackers maintained persistence through maybe two separate credential rotation efforts.

woodpanel 23 days ago [–]

As far as I understood it, their entire repo got pwnd in February, and this now is the third successful attack by the same actor.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact