Trivy’s Supply-Chain Sabotage: Hackers Poisoned the Pipeline Scanner We All Trust
Picture this: your CI/CD pipeline fires up Trivy for a routine vuln scan, and bam—malware slurps up your GitHub tokens like a vampire at a blood bank. Aqua Security's star tool got supply-chain attacked, hitting thousands of repos.