Scott's Weblog - The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking
Original, technical content centered around cloud computing, Kubernetes, Linux, containers, and networking
Trivy supply chain compromise: What Docker Hub users should know | Docker
docker.comOn March 19, 2026, threat actors compromised Aqua Security's CI/CD pipeline and used stolen credentials to push backdoored versions of the aquasec/trivy vulnerability scanner to Docker Hub. A second wave of compromised images followed on March 22. The malicious images contained an infostealer targeting CI/CD secrets, cloud credentials, SSH keys, and Docker configurations. This post summarizes what happened, what Docker did in response, and what you should do if you use Trivy.
Technology Short Take 193 - Scott's Weblog - The weblog of an IT pro focusing on cloud computing, Kubernetes, Linux, containers, and networking
Welcome to Technology Short Take #193! I know it has only been a couple weeks since the last Tech Short Take, but I am guessing that readers won’t really mind another one. Here is my latest collection of articles and posts about data center-related technologies. Enjoy!