Trivy GitHub Actions Breach: 75 Tags Hijacked to Steal CI/CD Secrets

A major supply chain attack has hit Trivy, after attackers compromised its GitHub Actions and hijacked 75 version tags to distribute malware designed to steal sensitive CI/CD secrets.

What Happened

The breach affected official GitHub Actions:

• aquasecurity/trivy-action
• aquasecurity/setup-trivy

Attackers force-pushed 75 out of 76 version tags, redirecting them to malicious code without creating new releases—making the attack harder to detect.

How the Attack Worked

The compromised tags delivered a Python-based infostealer that executed within GitHub Actions workflows.

Once triggered, the malware:

• Scanned environment variables
• Extracted credentials and secrets
• Encrypted the data
• Sent it to an attacker-controlled server

Data at Risk

The attack targeted highly sensitive information, including:

• SSH keys
• Cloud service credentials
• Database access details
• Git and Docker configurations
• Kubernetes tokens
• Cryptocurrency wallets

This makes it a critical threat to DevOps and CI/CD pipelines.

Connection to Earlier Breach

This is the second Trivy-related attack in a month.

• Earlier breach involved a bot named hackerbot-claw
• Attackers stole a Personal Access Token (PAT)
• Gained control of the repository
• Published malicious versions of tools

Security experts say the latest incident likely occurred due to incomplete containment of the previous attack.

Root Cause

According to researchers, the breach was caused by:

• Compromised credentials with high-level access
• Ability to rewrite Git tags without detection
• Non-atomic token rotation, leaving gaps in security

Advanced Persistence Techniques

The malware also:

• Created a systemd service for persistence
• Used a Python script to fetch additional payloads
• Continuously communicated with external servers

Response from Aqua Security

Aqua Security confirmed the incident and stated:

• All secrets and tokens are being rotated again
• Automated actions are being locked down
• Security controls are being strengthened

Why This Matters

This attack highlights a growing trend:

• Supply chain attacks targeting trusted tools
• Exploitation of CI/CD pipelines
• Abuse of GitHub tag systems
• Faster, more stealthy attack methods

What Developers Should Do

Immediate actions recommended:

• Avoid using affected versions
• Rotate all credentials and tokens
• Audit CI/CD logs and workflows
• Pin dependencies using commit hashes instead of tags
• Monitor for unusual network activity