44 Aqua Security repositories defaced after Trivy supply chain breach
ID: 791d2ea3-7e15-5406-a609-ce52ca6fd22a
STIX ID: report--791d2ea3-7e15-5406-a609-ce52ca6fd22a
Feed Name: Security Affairs
Malicious Trivy images published to Docker Hub delivered the TeamPCP infostealer. The same actor used stolen GitHub/CI credentials to compromise an internal Aqua Security GitHub organization, automatically renaming and defacing 44 repositories within minutes. Investigators provided IOCs and attribute the chain to TeamPCP's automated supply-chain and repository-level operations.
