Trivy supply-chain attack spreads to Docker, GitHub repos
ID: 48d13878-498a-5bd4-84ba-f418417fe447
STIX ID: report--48d13878-498a-5bd4-84ba-f418417fe447
Feed Name: Bleeping Computer
TeamPCP compromised Aqua Security's GitHub organization and CI environment to inject credential-harvesting malware into Trivy builds, pushed malicious Docker image tags to Docker Hub, and tampered with multiple repositories. Researchers provided IOCs, and Aqua engaged incident responders while warning that Docker tags are not immutable and that service account PATs in CI runners enabled the compromise.
