← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Investigating Two Variants of the Trivy Supply-Chain Compromise
WHITE TeamPCP PetrP.73 2026-04-02 Modified: 2026-05-02
14
IOCs
MEDIUM VOLUME
In March 2026, the TeamPCP threat actor compromised the open-source vulnerability scanner Trivy, deploying credential-harvesting malware through both a compromised GitHub Action and a modified container image. This supply-chain attack directly distributed malicious payloads across various platforms, including Docker Hub and npm packages, over a period of nearly a month. The campaign utilized different attack vectors: one variant involved malicious code inserted into the `http://entrypoint.sh` of the GitHub Action, while the other involved modifications to the Trivy container's ELF binary.
marchtrufflehogcloudtrailminiogithubwatchtoweraction variantpythontrivygithub actionlambdaencryptvirustotalstealerkudelskibeyondtrustteampcp
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (3 / 14 total)
All CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 4fed54d88f919c675ee2f575f70698a8d3649287 SHA1 of 18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a 2026-04-02
FileHash-SHA1 d820fc3440e7eadc575315f9a96a34ae450ec457 SHA1 of 822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0 2026-04-02
FileHash-SHA1 e0198fd2b6e1679e36d32933941182d9afa82f6f 2026-04-02
References (1)
↗ https://kudelskisecurity.com/research/investigating-two-variants-of-the-trivy-supply-chain-compromise