Aqua Security hit by data theft breach
Incident
Summary
The Aqua Security Trivy incident involved a supply-chain compromise that delivered a credential-stealing infostealer through trusted releases and GitHub Actions. Attackers altered tag and release paths in aquasecurity/trivy-action and aquasecurity/setup-trivy, and Aqua also tied a related Trivy 0.69.4 compromise to unauthorized activity and fallback exfiltration to scan.aquasecurtiy[.]org. The broader campaign expanded on March 22, 2026 with trojanized Docker Hub images for 0.69.4, 0.69.5, and 0.69.6 and public defacement of Aqua repositories under the tpcp-docs- prefix. Wiz later reported that TeamPCP was trying to monetize stolen secrets such as cloud credentials, SSH keys, and Kubernetes configuration files, adding downstream account-takeover and cloud-compromise risk.
Related Happenings
Megalodon GitHub CI/CD supply-chain campaign
Campaign
First: 22.05.2026 14:55
Last: 22.05.2026 14:55
Sources 1
About this happening:
The **Megalodon** campaign pushed **5,718 malicious commits** into **5,561 GitHub repositories** in about **six hours**, creating a broad **CI/CD secret-theft** risk across develo...
GitHub hit by network compromise
Incident
First: 20.05.2026 07:01
Last: 20.05.2026 07:01
Sources 1
About this happening:
GitHub is investigating unauthorized access to its internal repositories after a third party allegedly offered stolen material for sale on a cybercrime forum. The intrusion was li...
Latest development: 20.05.2026 13:45
GitHub detected unauthorized access tied to a poisoned Visual Studio Code (VS Code) extension on an employee device, removed the malicious extension version, isolated the endpoint, and began incident response to contain exposure across internal repositories.
Actions-cool/issues-helper hit by network compromise
Incident
First: 19.05.2026 08:28
Last: 19.05.2026 08:28
Sources 1
About this happening:
The **actions-cool/issues-helper** GitHub Actions supply-chain compromise let malicious tags run in **CI/CD pipelines**, causing **credential theft** and downstream account risk....
TeamPCP campaign expands across multiple victims
Campaign
First: 15.05.2026 13:54
Last: 15.05.2026 13:54
Sources 1
About this happening:
The **TeamPCP / Mini Shai-Hulud** supply-chain operation is actively compromising **hundreds of packages**, exposing **downstream developers** to **malware delivery** and **creden...
TanStack hit by network compromise
Incident
First: 12.05.2026 17:45
Last: 12.05.2026 17:45
Sources 1
About this happening:
**TanStack** was hit by a **package compromise** on **May 11, 2026**, when attackers published **84 malicious versions** across **42 @tanstack/* packages** and abused the release...
Latest development: 21.05.2026 11:00
On May 17, 2026, Grafana Labs said an unauthorized attacker had downloaded its codebase after accessing the firm's GitHub environment, and the company later said additional internal operational information and business contact names and email addresses were taken from its GitHub repositories; Grafana Labs said there was no indication that customer production systems or the Grafana Cloud platform were compromised.
Timeline
- 23.03.2026 10:31 · 2 articles · 2mo ago
TeamPCP expands Trivy campaign with Docker Hub images and Aqua repo defacement
Campaign Scope Update: TeamPCP broadened the Trivy supply-chain compromise by pushing trojanized Docker Hub images for Trivy 0.69.4, 0.69.5, and 0.69.6 on March 22, 2026, then defacing all 44 internal repositories in Aqua Security's aquasec-com GitHub organization by renaming them with the tpcp-docs- prefix, setting descriptions to "TeamPCP Owns Aqua Security," and exposing them publicly.
Sources:
- Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper — thehackernews.com — 23.03.2026 10:31
- TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets — www.infosecurity-magazine.com — 31.03.2026 15:15
- 20.03.2026 19:47 · 1 article · 2mo ago
Trivy GitHub Actions compromise disclosed
Initial Disclosure: Aqua Security's Trivy supply-chain compromise was disclosed after attackers force-pushed 75 of 76 version tags in aquasecurity/trivy-action and seven aquasecurity/setup-trivy tags to malicious commits that delivered a Python infostealer in GitHub Actions runners. The payload targeted CI/CD secrets including SSH keys, cloud credentials, database credentials, Git and Docker configurations, Kubernetes tokens, and cryptocurrency wallets, while a related aquasecurity/trivy release version 0.69.4 also pulled secrets from the runner and could fall back to staging stolen data in the public repository tpcp-docs.
Sources:
- Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets — thehackernews.com — 20.03.2026 19:47
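The disclosure above turns on a detail defenders can check for themselves: the hijacked tags were mutable refs, so any workflow that referenced `aquasecurity/trivy-action@<tag>` silently picked up the attacker's commit, while a workflow pinned to a full 40-character commit SHA did not. The following audit script is an added example written for this page, not code from Aqua Security or from any of the cited articles; the sample workflow it scans is constructed, and the `audit_workflow` function and `AFFECTED_ACTIONS` set are names chosen here.

```python
import re
from typing import Dict, List

# A GitHub Actions step reference looks like: uses: owner/repo[/path]@ref
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@([^\s'\"#]+)"
)
# Only a full 40-hex commit SHA is an immutable pin; tags and branches can be repointed.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# The two actions the page reports as having had their tags force-pushed.
AFFECTED_ACTIONS = {"aquasecurity/trivy-action", "aquasecurity/setup-trivy"}


def audit_workflow(text: str) -> List[Dict[str, object]]:
    """Return one finding per `uses:` reference that is not pinned to a full commit SHA.

    Findings for the actions hit in the Trivy incident are rated "high" so they
    can be remediated first; every other mutable ref is rated "medium".
    """
    findings: List[Dict[str, object]] = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        action, ref = match.group(1), match.group(2)
        repo = "/".join(action.split("/")[:2])  # strip any sub-path inside the repo
        if FULL_SHA_RE.match(ref):
            continue  # immutable pin: a force-pushed tag cannot affect this step
        findings.append({
            "line": lineno,
            "action": action,
            "ref": ref,
            "severity": "high" if repo in AFFECTED_ACTIONS else "medium",
        })
    return findings


# Constructed sample workflow (not taken from the page) mixing pinned and unpinned steps.
SAMPLE_WORKFLOW = """\
name: scan
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
      - uses: aquasecurity/setup-trivy@v0.2.0
      - name: Trivy scan
        uses: aquasecurity/trivy-action@0.28.0
        with:
          scan-type: fs
      - uses: some-org/other-action@main
"""

if __name__ == "__main__":
    for f in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {f['line']}: {f['action']}@{f['ref']} is a mutable ref ({f['severity']})")
```

Run it over the `.github/workflows/*.yml` files in a repository to list every step that would have followed a repointed tag; the pinned `actions/checkout` step in the sample produces no finding, the three tag- or branch-based steps do.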