← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Investigating Two Variants of the Trivy Supply-Chain Compromise
WHITE TeamPCP PetrP.73 2026-04-02 Modified: 2026-05-02
14
IOCs
MEDIUM VOLUME
In March 2026, the TeamPCP threat actor compromised the open-source vulnerability scanner Trivy, deploying credential-harvesting malware through both a compromised GitHub Action and a modified container image. This supply-chain attack directly distributed malicious payloads across various platforms, including Docker Hub and npm packages, over a period of nearly a month. The campaign utilized different attack vectors: one variant involved malicious code inserted into the `http://entrypoint.sh` of the GitHub Action, while the other involved modifications to the Trivy container's ELF binary.
marchtrufflehogcloudtrailminiogithubwatchtoweraction variantpythontrivygithub actionlambdaencryptvirustotalstealerkudelskibeyondtrustteampcp
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (2 / 14 total)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 805c08686e755c063a0bb460bdf9dcc4 MD5 of 822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0 2026-04-02
FileHash-MD5 d761a6a7ae9f2254bd81ac234033a8b8 MD5 of 18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a 2026-04-02
References (1)
↗ https://kudelskisecurity.com/research/investigating-two-variants-of-the-trivy-supply-chain-compromise