In March there was a particularly nasty supply chain attack targeting Aqua Security and their tools, including the widely used Trivy security scanner, which later spread to other projects. The attack was carried out by a threat actor named TeamPCP and began by exploiting an insecure GitHub Actions workflow that utilised the pull_request_target trigger – a type known to be dangerous and easily misused. Using this, they stole a Personal Access Token granting wider access to the aquasecurity org.
No pages have linked to this URL yet.