Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Overview

Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack. This incident highlights the widening blast radius across developer environments.

Details

The last known clean release of Trivy on Docker Hub is version 0.69.3. Malicious versions, including 0.69.4, 0.69.5, and 0.69.6, have since been removed from the container image library.

Security researcher Philipp Burckhardt of Socket noted that new image tags 0.69.5 and 0.69.6 were pushed on March 22 without corresponding GitHub releases or tags. Both images contain indicators of compromise associated with the same TeamPCP infostealer observed in earlier stages of this campaign.
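
An added example, not code from the article or from Socket: a Python check that flags references to the tags listed above in Dockerfiles or CI files, and compares registry tags against source tags to surface images pushed without a matching release, the mismatch described for 0.69.5 and 0.69.6. The image name aquasec/trivy, the registry host, and all sample inputs are constructed assumptions.

```python
import re

# Tags the article reports as malicious; 0.69.3 is the last known clean release.
AFFECTED_TAGS = {"0.69.4", "0.69.5", "0.69.6"}

VERSION = re.compile(r"^v?(\d+\.\d+\.\d+)$")
# Image reference whose repository name ends in "trivy", with optional tag/digest.
IMAGE_REF = re.compile(
    r"(?<![\w.\-/])(?:[\w.\-]+(?::\d+)?/)*trivy"
    r"(?::(?P<tag>\w[\w.\-]*))?(?:@(?P<digest>sha256:[0-9a-f]{64}))?"
)

def find_affected_refs(text):
    """Return (line_no, reference, verdict) for each Trivy image reference."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        for m in IMAGE_REF.finditer(line):
            tag, digest = m.group("tag"), m.group("digest")
            if not tag and not digest:
                continue  # bare word "trivy", not an image reference
            if tag and tag.lstrip("v") in AFFECTED_TAGS:
                verdict = "affected"
            elif tag and VERSION.match(tag):
                verdict = "not-listed"  # version tag that is not on the list
            else:
                verdict = "review"  # floating tag or digest-only: version unknown
            findings.append((n, m.group(0), verdict))
    return findings

def unreleased_tags(registry_tags, git_tags):
    """Version tags present in the registry with no matching source tag."""
    released = {m.group(1) for t in git_tags if (m := VERSION.match(t))}
    return sorted(m.group(1) for t in registry_tags
                  if (m := VERSION.match(t)) and m.group(1) not in released)

# Constructed sample inputs (image name and registry host are assumptions).
SAMPLE_CI = """\
FROM aquasec/trivy:0.69.3
  image: registry.example:5000/aquasec/trivy:0.69.5
  run: docker run aquasec/trivy:latest image app
  # scan with trivy after build
"""
SAMPLE_REGISTRY_TAGS = ["0.69.2", "0.69.3", "0.69.5", "0.69.6", "latest"]
SAMPLE_GIT_TAGS = ["v0.69.2", "v0.69.3"]

if __name__ == "__main__":
    for finding in find_affected_refs(SAMPLE_CI):
        print(finding)
    print("no matching release:", unreleased_tags(SAMPLE_REGISTRY_TAGS, SAMPLE_GIT_TAGS))
```

A "review" verdict means the reference cannot be judged from its text alone, so the version actually pulled has to be checked on the host.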

Impact and Developments

The attack has had downstream impacts, with attackers leveraging stolen data to compromise dozens of npm packages and distribute a self-propagating worm known as CanisterWorm. This incident is believed to be the work of a threat actor tracked as TeamPCP.

Attack on Aqua Security's GitHub Organization

According to the OpenSourceMalware team, attackers have defaced all 44 internal repositories associated with Aqua Security’s


Original article: https://thehackernews.com/2026/03/trivy-hack-spreads-infostealer-via.html