
Supply Chain Attack on Trivy Open-Source Security Tool Impacts Up to 10,000 Victims
Attackers compromised the open-source security tool Trivy and published malicious versions of the software as part of a supply chain attack. Mandiant warned that the fallout from the breach could impact up to 10,000 downstream victims, and described the accompanying extortion campaign as "loud and aggressive." The incident highlights the risks in open-source software dependencies, though no specific technical details, dates, or CVE IDs were provided. The attack was attributed to cybercriminals exploiting the supply chain to distribute malware. Aqua Security, the maintainer of Trivy, was named in connection with the incident, though its direct role was not detailed. The report was published ahead of the RSAC 2026 Conference.