Hackers Compromise Trivy Scanner to Inject Malicious Scripts and Steal Login Credentials
ID: fb676d0e-5899-5418-a07c-6c429b49343c
STIX ID: report--fb676d0e-5899-5418-a07c-6c429b49343c
Feed Name: cybersecurityNews.com
A tag-poisoning supply-chain attack compromised the official aquasecurity/trivy-action GitHub Action: 75 version tags were force-pushed to forged commits that replaced entrypoint.sh with a 204-line infostealer (self-identified as “TeamPCP Cloud stealer”). The malware collects secrets from GitHub-hosted and self-hosted runners (dumping process memory, scraping files, SSH keys, cloud credentials, CI/CD files, crypto wallets), encrypts the bundle (AES-256-CBC with an RSA-4096-wrapped key) and exfiltrates it via a typosquatted domain or by creating a public "tpcp-docs" repository using the victims' tokens. Organizations should pin to the safe tag/commit (only @0.35.0 / SHA 57a97c7e...), rotate credentials, and audit for unauthorized repositories.
