Investigating Two Variants of the Trivy Supply-Chain Compromise
TLP:WHITE | TeamPCP | Author: PetrP.73 | Created: 2026-04-02 | Modified: 2026-05-02
14 IOCs (medium volume)
In March 2026, the TeamPCP threat actor compromised the open-source vulnerability scanner Trivy and used it to deploy credential-harvesting malware through two channels: a compromised GitHub Action and a modified container image. Over a period of nearly a month the supply-chain attack delivered malicious payloads through several distribution points, including Docker Hub images and npm packages. The two variants differ in where the malicious code lives: in one, it was inserted into the GitHub Action's `entrypoint.sh`; in the other, the ELF binary inside the Trivy container image was modified.
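Because the two variants land in different places (a shell script checked out from the action repository, and an ELF binary inside an image), a practical first response is to hash whatever copies of Trivy are present on runners and hosts and compare them against the pulse's SHA-256 indicators, and to check that workflows reference the action by an immutable commit SHA rather than a tag that a compromised repository can move. The script below is an added example written for this page, not code from the pulse or from the Trivy project. It embeds the four SHA-256 indicators listed on the page; the action name `aquasecurity/trivy-action`, the directory layout it walks, and the sample workflow text in `demo()` are assumptions for illustration.

```python
"""Offline IOC sweep for the two Trivy compromise variants (added example).

sweep()          hashes every regular file under a directory (e.g. a runner's
                 checked-out action directory, or an extracted image rootfs) and
                 reports files whose SHA-256 is in the pulse's IOC list.
unpinned_uses()  flags workflow `uses:` lines that reference the Trivy action by a
                 mutable ref (tag/branch) instead of a full 40-hex commit SHA.
"""
import hashlib
import os
import re
import tempfile
from pathlib import Path

# The four SHA-256 indicators listed on the pulse page (4 of 14 total).
PULSE_SHA256 = {
    "0880819ef821cff918960a39c1c1aada55a5593c61c608ea9215da858a86e349",
    "18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a",
    "6328a34b26a63423b555a61f89a6a0525a534e9c88584c815d937910f1ddd538",
    "822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0",
}


def sha256_file(path):
    """Stream a file through SHA-256 so large ELF binaries do not get read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def sweep(root, iocs=PULSE_SHA256):
    """Return [(path, sha256)] for every regular file under root whose digest is in iocs."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            # Skip symlinks so the walk cannot be steered outside the tree being checked.
            if p.is_symlink() or not p.is_file():
                continue
            digest = sha256_file(p)
            if digest in iocs:
                hits.append((str(p), digest))
    return hits


# Matches `uses: owner/repo[/subpath]@ref` lines in a GitHub workflow.
_USES = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+)(?:/[^@\s]+)?@(\S+)", re.M)
_FULL_SHA = re.compile(r"^[0-9a-f]{40}$")


def unpinned_uses(workflow_yaml, action="aquasecurity/trivy-action"):
    """Return the refs of `uses:` lines for `action` that are not pinned to a full commit SHA.

    The action name is an assumption of this example; pass the one your workflows use.
    """
    return [ref for repo, ref in _USES.findall(workflow_yaml)
            if repo == action and not _FULL_SHA.match(ref)]


def demo():
    """Constructed sample run: a harmless file, once swept against the real IOCs and once
    against the IOC set with that file's own digest added, plus a constructed workflow."""
    with tempfile.TemporaryDirectory() as d:
        sample = Path(d) / "entrypoint.sh"
        sample.write_bytes(b"#!/bin/sh\necho constructed sample\n")  # constructed, benign
        digest = sha256_file(sample)
        clean = sweep(d)                               # real IOCs: no hit expected
        planted = sweep(d, PULSE_SHA256 | {digest})    # digest added: one hit expected
    workflow = (  # constructed workflow text; the 0*40 SHA is a placeholder, not a real commit
        "steps:\n"
        "  - uses: actions/checkout@v4\n"
        "  - uses: aquasecurity/trivy-action@0.28.0\n"
        "  - uses: aquasecurity/trivy-action@" + "0" * 40 + "\n"
    )
    return {
        "clean_hits": len(clean),
        "planted_hits": len(planted),
        "planted_digest_matches": bool(planted) and planted[0][1] == digest,
        "unpinned": unpinned_uses(workflow),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Run `sweep()` over the runner's action cache (the directory where the checked-out action lives) for the `entrypoint.sh` variant, and over an extracted image filesystem (for example the output of `docker save` unpacked layer by layer) for the ELF variant; a hash match is high confidence, but no match only means the four published indicators were not found, so treat an unpinned `uses:` reference during the affected window as a separate finding.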
Indicators of Compromise (4 of 14 total shown)

TYPE             INDICATOR                                                          CREATED
FileHash-SHA256  0880819ef821cff918960a39c1c1aada55a5593c61c608ea9215da858a86e349   2026-04-02
FileHash-SHA256  18a24f83e807479438dcab7a1804c51a00dafc1d526698a66e0640d1e5dd671a   2026-04-02
FileHash-SHA256  6328a34b26a63423b555a61f89a6a0525a534e9c88584c815d937910f1ddd538   2026-04-02
FileHash-SHA256  822dd269ec10459572dfaaefe163dae693c344249a0161953f0d5cdd110bd2a0   2026-04-02