Trivy vulnerability scanner breach pushed infostealer via GitHub Actions
ID: c57127d0-565a-566a-a88e-4620821a0d04
STIX ID: report--c57127d0-565a-566a-a88e-4620821a0d04
Feed Name: Bleeping Computer
The Trivy vulnerability scanner and its related GitHub Actions were compromised by the threat actor TeamPCP, which published trojanized Trivy binaries and replaced the GitHub Action entrypoints to deploy an infostealer that harvested a wide range of credentials, SSH keys, cloud and CI secrets, and system data. Exfiltration went to a typosquatted C2 and, if that failed, fell back to creating public GitHub repositories; persistence was achieved via a dropped Python systemd service. The incident affected many trivy-action tags and a malicious Trivy release (v0.69.4), prompting recommendations to treat affected environments as fully compromised and rotate all secrets. Researchers also linked the actor to a self-propagating npm worm (CanisterWorm) that abuses stolen npm tokens to spread.
