Trivy Vulnerability Scanner Compromised to Inject Malicious Scripts That Steal Credentials

A highly sophisticated supply chain attack has successfully compromised the official Trivy GitHub Actions repository, severely impacting continuous integration environments.

Discovered on March 19,…