The TeamPCP hackers have extended their Trivy supply-chain attack by compromising Aqua Security's GitHub organization, pushing malicious Docker images, and tampering with the company's repositories. The attackers gained unauthorized access to service accounts that let them push new Trivy versions (0.69.5 and 0.69.6) containing malware to Docker Hub with no corresponding releases or tags on GitHub, which points to a deep breach of Aqua Security's build pipeline. The incident underlines how critical supply-chain security is for a widely used tool like Trivy, which is itself employed to detect vulnerabilities across software artifacts and infrastructure. Engineers and sysadmins must verify artifact integrity beyond a simple tag name and consider additional verification mechanisms such as digital signatures or immutable storage.
Affected platforms:
- Aqua Security GitHub Organization
- Docker Hub
Recommended actions:
- Verify the integrity of Trivy artifacts by comparing checksums against Aqua Security's official documentation or another trusted source.
- Update to the latest verified version of Trivy (as advised by Aqua Security) and ensure that all Docker images are pulled from trusted sources, using digital signatures where available.
- Review and update service account permissions and tokens in GitHub organizations, and ensure multi-factor authentication is enabled wherever applicable.
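An offline check for the first two recommendations, added here as an example and not code from Aqua Security or the Trivy project: it flags Docker Hub version tags that have no matching GitHub release tag, the discrepancy that distinguished the rogue 0.69.5 and 0.69.6 images, and verifies a downloaded artifact against a published SHA-256. The tag lists and the sample artifact are constructed, and the code assumes GitHub release tags carry a leading "v" while Docker Hub tags do not.

```python
import hashlib
import hmac
import re

# Constructed sample inputs (not real registry data). Assumption: GitHub release
# tags look like "vX.Y.Z" while Docker Hub image tags drop the leading "v".
GITHUB_RELEASE_TAGS = ["v0.69.3", "v0.69.4"]
DOCKER_HUB_TAGS = ["latest", "0.69.3", "0.69.4", "0.69.5", "0.69.6"]

# Constructed artifact and its "published" SHA-256 (simply sha256(b"hello")).
SAMPLE_ARTIFACT = b"hello"
SAMPLE_SHA256 = "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824"

VERSION_TAG = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def normalize(tag: str):
    """Return the bare X.Y.Z string for a release-style tag, or None for
    floating tags such as 'latest' that cannot be tied to a single release."""
    m = VERSION_TAG.match(tag)
    return ".".join(m.groups()) if m else None


def tags_without_release(docker_tags, github_tags):
    """Docker Hub version tags with no matching GitHub release tag, oldest first.
    A non-empty result is the signal seen in this incident: images published to
    the registry without a corresponding source release."""
    released = {v for t in github_tags if (v := normalize(t))}
    unmatched = {v for t in docker_tags if (v := normalize(t)) and v not in released}
    return sorted(unmatched, key=lambda v: tuple(int(p) for p in v.split(".")))


def verify_sha256(data: bytes, expected_hex: str) -> bool:
    """Constant-time comparison of an artifact's SHA-256 with the published value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_hex.strip().lower())


if __name__ == "__main__":
    rogue = tags_without_release(DOCKER_HUB_TAGS, GITHUB_RELEASE_TAGS)
    print("registry tags without a source release:", rogue or "none")
    print("artifact checksum matches:", verify_sha256(SAMPLE_ARTIFACT, SAMPLE_SHA256))
```

In practice the two tag lists come from the Docker Hub and GitHub APIs and the checksum from the vendor's release notes; the comparison logic stays the same.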
Common homelab stacks that use Trivy for security scanning may be directly affected by this compromise. Specific software versions such as Docker v20.10.8+, and any configuration that relies on automated builds using Trivy, are at risk.