Trivy Breach: Supply-Chain Attack by teampcp
The recent security incident involving Trivy, the popular vulnerability scanner, revealed a sophisticated supply-chain attack orchestrated by the threat group known as teampcp. The attackers infiltrated the official Trivy release channels and GitHub Actions workflows to distribute credential-stealing malware.
Trivy, widely used by developers and security professionals, is instrumental in detecting security flaws, configuration errors, and secret exposures across containerized environments, Kubernetes clusters, codebases, and cloud platforms. Its widespread adoption makes it a lucrative target for cybercriminals aiming to harvest sensitive authentication data.
The breach was initially uncovered by security researcher Paul McCarty, who identified that version 0.69.4 of Trivy had been compromised. Malicious container images and altered GitHub release artifacts were disseminated to unsuspecting users. Further investigations by Socket and Wiz confirmed that multiple GitHub Actions, especially those associated with the trivy-action repository, had been affected, with nearly all version tags compromised.
Attackers hijacked Trivy's GitHub build pipeline: they replaced the entrypoint.sh script within the GitHub Actions workflows with malicious code and published trojanized binaries corresponding to the compromised release. These malicious artifacts acted as infostealers, targeting not only the core scanner but also related Actions such as setup-trivy.
Exploiting a stolen credential with repository write permissions, the threat actors force-pushed malicious updates across 75 of the 76 tags in the aquasecurity/trivy-action repository. This widespread manipulation enabled the malicious code to execute automatically in any external workflows referencing these tags, often without detection, before legitimate scans could run.
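Moving a tag is enough to change what every workflow that references it runs, which is why the attack above worked without the victims changing a line of their own configuration. The following audit script is an added example (not code from Aqua Security, the Trivy project or the researchers cited here) that reads a GitHub Actions workflow and flags every `uses:` reference that is not pinned to a full 40-character commit SHA. The workflow text and the pinned SHA in it are constructed samples; `aquasecurity/trivy-action` is the repository named on this page, while `example-org/some-action` is hypothetical.

```python
import re
from typing import Dict, List

# A full commit SHA cannot be moved the way a tag or branch can.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches "uses: owner/repo@ref" (optionally quoted, optionally a list item).
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)['\"]?")


def classify_ref(uses: str) -> str:
    """Classify one 'uses:' value by how stable its reference is."""
    # Local actions and docker:// images are out of scope for tag pinning.
    if uses.startswith("./") or uses.startswith("docker://"):
        return "local-or-docker"
    if "@" not in uses:
        return "unpinned"  # no ref at all: resolves to the default branch
    _, ref = uses.rsplit("@", 1)
    return "pinned-sha" if SHA_RE.match(ref) else "mutable-ref"


def audit_workflow(yaml_text: str) -> List[Dict[str, object]]:
    """Return every action reference that a force-pushed tag or branch could redirect."""
    findings: List[Dict[str, object]] = []
    for line_no, line in enumerate(yaml_text.splitlines(), 1):
        match = USES_RE.match(line)
        if not match:
            continue
        uses = match.group(1)
        kind = classify_ref(uses)
        if kind in ("unpinned", "mutable-ref"):
            findings.append({"line": line_no, "uses": uses, "kind": kind})
    return findings


# Constructed sample workflow; the 40-hex value below is a made-up SHA, not a real commit.
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Run Trivy
        uses: aquasecurity/trivy-action@master
      - name: Pinned example (constructed SHA)
        uses: example-org/some-action@0123456789abcdef0123456789abcdef01234567
      - uses: ./.github/actions/local-step
"""

if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {finding['line']}: {finding['uses']} ({finding['kind']})")
```

A SHA pin only guarantees that the workflow keeps running the commit you reviewed; it does not make that commit safe, so pinning belongs alongside review of the pinned code and monitoring of the upstream repository for unexpected tag movement.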
The malware’s primary purpose was to gather sensitive information from compromised systems. It performed reconnaissance by collecting system details such as hostname, user identity, network settings, and environment variables. It also exfiltrated various credentials, including SSH keys, cloud service access keys (AWS, GCP, Azure), Kubernetes and Docker secrets, environment files (.env), database credentials (PostgreSQL, MySQL, MongoDB, Redis), and authentication tokens stored in package managers or vaults.
Additionally, the malware targeted configuration files for Terraform, Jenkins, GitLab CI, and other CI/CD tools, along with private TLS keys, VPN configurations, messaging platform tokens (Slack, Discord), command history files, and critical system files like /etc/passwd and /etc/shadow. Cryptocurrency wallets stored on compromised systems were also at risk.
This incident underscores the importance of verifying the integrity of build processes and the risks posed by compromised supply chains. Organizations relying on automated workflows should implement strict access controls and monitor for unauthorized changes to critical repositories to mitigate similar threats in the future.
The malware scans the memory of the GitHub Actions runner process, searching for JSON patterns that contain authentication secrets.
On developer systems, the compromised binary harvests environment variables, scans for local credentials, and maps network interfaces.
All exfiltrated information is encrypted into a tpcp.tar.gz archive and sent to a deceptive command server at scan.aquasecurtiy[.]org.
Should data transmission fail, the malware establishes a public tpcp-docs repository on the victim’s GitHub to store the stolen data.
For persistence, it deploys a Python payload as a systemd service, which polls a remote server for further instructions and additional payloads.
This campaign has been attributed to the Teampcp threat group, based on a distinctive "teampcp cloud stealer" comment found within the malicious Python script.
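The indicators in the paragraphs above (a look-alike domain one transposition away from Aqua Security's real one, a fixed archive name and a fixed fallback repository name) are the kind of thing a defender can match in runner or endpoint logs. The script below is an added example, not code from the page's sources, that runs over a few constructed log lines and flags lines containing the C2 host or artifact names named on this page, and additionally flags any host whose registrable domain is within two edits of a legitimate domain. The log lines and timestamps are constructed; the IoC values come from the page and are stored defanged.

```python
import re
from typing import Dict, List, Tuple

# Indicators as given on this page, stored defanged and refanged only for matching.
KNOWN_BAD_HOSTS = {h.replace("[.]", ".") for h in ["scan.aquasecurtiy[.]org"]}
ARTIFACT_IOCS = ["tpcp.tar.gz", "tpcp-docs"]
# Domains that an attacker might imitate; the legitimate vendor domain from the page.
LEGIT_DOMAINS = ["aquasecurity.org"]
HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b")


def levenshtein(a: str, b: str) -> int:
    """Plain edit distance (insert, delete, substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host: str) -> str:
    """Naive 'last two labels' approximation of the registrable domain."""
    return ".".join(host.split(".")[-2:])


def scan_line(line: str, max_edits: int = 2) -> List[str]:
    """Return the reasons a single log line looks related to this campaign."""
    reasons: List[str] = []
    low = line.lower()
    for host in HOST_RE.findall(low):
        if host in KNOWN_BAD_HOSTS:
            reasons.append(f"known C2 host {host}")
        base = registrable(host)
        for legit in LEGIT_DOMAINS:
            dist = levenshtein(base, legit)
            if 0 < dist <= max_edits:
                reasons.append(f"{host} is {dist} edits from {legit}")
    for ioc in ARTIFACT_IOCS:
        if ioc in low:
            reasons.append(f"artifact name {ioc}")
    return reasons


def scan_logs(lines: List[str]) -> List[Tuple[int, List[str]]]:
    """Return (index, reasons) for every line that triggered at least one indicator."""
    return [(i, r) for i, line in enumerate(lines) if (r := scan_line(line))]


# Constructed sample log lines; timestamps and hostnames other than the IoCs are made up.
SAMPLE_LOGS = [
    "10:01:02 runner dns query A api.github.com",
    "10:01:05 runner dns query A scan.aquasecurtiy.org",
    "10:01:06 runner file_create /tmp/tpcp.tar.gz",
    "10:01:09 runner git push origin tpcp-docs",
    "10:02:00 runner dns query A registry.npmjs.org",
]

if __name__ == "__main__":
    for idx, reasons in scan_logs(SAMPLE_LOGS):
        print(f"[{idx}] {SAMPLE_LOGS[idx]}\n      -> {'; '.join(reasons)}")
```

The registrable-domain step is deliberately simple (last two labels, no public-suffix list), so hosts under multi-label suffixes such as `co.uk` would be compared on the wrong string; a production rule should use a public-suffix library and extend `LEGIT_DOMAINS` with the organisation's own domains.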
A security breach at Aqua Security has been traced back to inadequate remediation efforts following an earlier compromise. The company acknowledged that threat actors exploited credentials that weren't fully neutralized after the initial March 1st, 2026 security event.
According to Aqua Security's statement, their response to the original breach left gaps in their security posture. While they implemented credential rotation procedures, the execution lacked synchronization, potentially allowing attackers to capture newly generated authentication tokens during the transition period.
The compromised software distribution affected Trivy version 0.69.4, which remained accessible to users for roughly three hours. GitHub Actions tags containing malicious code persisted for an extended period of approximately half a day.
In an attempt to obscure their activities, the perpetrators removed Aqua Security's public statement regarding the initial March security incident from the project repository.
Security experts recommend that any organization that used the affected software versions during the breach window assume complete system compromise. Recommended actions include comprehensive credential replacement covering cloud infrastructure access, SSH keys, API credentials, and database authentication details. Additionally, thorough forensic analysis should be conducted to identify potential secondary compromises.
Security researchers at Aikido have connected these attacks to a broader campaign featuring "CanisterWorm," an autonomous propagating malware specifically designed to infiltrate npm package ecosystems.
This sophisticated malware establishes persistence through systemd user services and leverages compromised npm authentication tokens to distribute infected package updates throughout the ecosystem.
Aikido's analysis revealed the worm's aggressive propagation capabilities: "The deploy.js component harvests npm tokens, identifies associated user accounts, catalogs all packages with publishing permissions, increments version numbers, and distributes the malicious payload across entire package scopes—affecting 28 packages in less than one minute."
The malware's infrastructure utilizes Internet Computer Protocol (ICP) canisters for command-and-control operations, functioning as a decentralized dead-drop system that distributes URLs for additional malicious components.
This architectural choice significantly complicates mitigation efforts, as ICP canisters can only be removed by their designated controllers, and any shutdown attempt would necessitate a formal governance proposal followed by network-wide voting procedures.
The malware incorporates credential harvesting capabilities, extracting npm authentication tokens from configuration files and environmental variables, facilitating lateral movement through development environments and continuous integration/continuous deployment infrastructure.
During their investigation, researchers observed that certain secondary payload servers were either offline or serving benign content, though they cautioned that this operational status could be modified without warning.
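The propagation pattern Aikido describes (one token, every package the account can publish, all bumped and published within a minute) is visible in registry metadata as a burst of releases across a scope. The following added example, not code from Aikido or any of the projects named here, takes a snapshot shaped like the npm registry's per-package `time` object (version to ISO timestamp) and reports any scope in which many packages received a new version inside a short window. The snapshot, the scope names and the thresholds (5 packages in 60 seconds) are constructed; the page reports 28 packages in under a minute.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple


def latest_publish(entry: Dict[str, Dict[str, str]]) -> Tuple[str, datetime]:
    """Newest (version, publish time) from an npm-style 'time' map, ignoring created/modified."""
    times = {
        version: datetime.fromisoformat(stamp.replace("Z", "+00:00"))
        for version, stamp in entry["time"].items()
        if version not in ("created", "modified")
    }
    newest = max(times, key=times.get)
    return newest, times[newest]


def scope_of(name: str) -> Optional[str]:
    """'@scope/pkg' -> '@scope'; unscoped packages return None."""
    return name.split("/")[0] if name.startswith("@") else None


def publish_bursts(registry: Dict[str, Dict[str, Dict[str, str]]],
                   window_seconds: int = 60,
                   min_packages: int = 5) -> List[Dict[str, object]]:
    """Scopes where at least min_packages packages were published within one window."""
    by_scope: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    for name, entry in registry.items():
        scope = scope_of(name)
        if scope is None:
            continue
        _, stamp = latest_publish(entry)
        by_scope[scope].append((stamp, name))

    window = timedelta(seconds=window_seconds)
    bursts: List[Dict[str, object]] = []
    for scope, events in by_scope.items():
        events.sort()
        best_count, best_start = 0, None
        # Try each publish as the start of a window and count what falls inside it.
        for i, (start, _) in enumerate(events):
            count = sum(1 for stamp, _ in events[i:] if stamp - start <= window)
            if count > best_count:
                best_count, best_start = count, start
        if best_count >= min_packages and best_start is not None:
            bursts.append({"scope": scope, "packages": best_count,
                           "window_start": best_start.isoformat()})
    return bursts


# Constructed registry snapshot: six packages in one scope bumped five seconds apart,
# one package in another scope, and one unscoped package. None of these are real packages.
REGISTRY_SNAPSHOT = {
    f"@example-scope/pkg{i}": {"time": {
        "created": "2026-03-19T11:00:00.000Z",
        "1.0.0": "2026-03-19T11:00:00.000Z",
        "1.0.1": f"2026-03-20T12:00:{i * 5:02d}.000Z",
    }} for i in range(6)
}
REGISTRY_SNAPSHOT["@other-scope/lib"] = {"time": {"created": "2026-02-01T09:00:00.000Z",
                                                   "2.3.0": "2026-02-01T09:00:00.000Z"}}
REGISTRY_SNAPSHOT["lonely-pkg"] = {"time": {"created": "2026-01-10T08:00:00.000Z",
                                             "0.1.0": "2026-01-10T08:00:00.000Z"}}

if __name__ == "__main__":
    for burst in publish_bursts(REGISTRY_SNAPSHOT):
        print(burst)
```

Legitimate monorepos also release many packages at once, so a hit from this check is a prompt to compare the published tarballs against the repository's tagged source, not proof of compromise on its own.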