SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Trivy stories

Flux result 20e12820 27f4 4e8a 9da9 1c2ee2ea902d

Sonatype warns of surge in trusted open-source malware

3 days ago
#
application security
#
devsecops
#
supply chain
Sonatype flags 21,764 malicious open-source packages in Q1 2026, with npm hit hardest as attackers used trusted workflows to steal secrets.
Flux result 86c5d3ff 8544 4b88 ac41 93781b8158bc

AppOmni adds Heisenberg mode after LiteLLM supply attack

Last month
#
virtualisation
#
cloud security
#
application security
AppOmni upgrades Heisenberg to help teams trace GitHub Actions and spot tainted dependencies after the LiteLLM supply chain breach.
Editorial compromised software supply chain key token leak dark

Trivy GitHub breach exposes CI/CD supply chain risk

Last month
#
devops
#
cloud security
#
application security
Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.
Moody engineer cicd pipelines morphing into shadowy hands vaults

JFrog flags 13 critical CI/CD flaws in GitHub workflows

Last month
#
siem
#
fintech
#
application security
JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.
Kbom

Aqua Security expands Trivy for Kubernetes vulnerability scanning & KBOM generation

Wed, 8th Nov 2023
#
application security
#
open source
#
red hat
Aqua Security enhances its open-source solution, Trivy, to offer Kubernetes vulnerability scanning and Kubernetes Bill of Materials generation.
Gettyimages 1345379649 1

Aqua Security incorporates CIS Kubernetes benchmarks scanning into open source Trivy

Thu, 20th Apr 2023
#
virtualisation
#
application security
#
open source
Aqua Security's Aqua Trivy now offers full compliance scanning for CIS Kubernetes Benchmarks, simplifying security for cloud native applications.
Gettyimages 1388013584

Aqua Security adds CPSM capabilities to Aqua Trivy

Thu, 18th Aug 2022
#
cloud security
#
application security
#
open source
Aqua Security has added cloud security posture management (CPSM) capabilities to its open source tool, Aqua Trivy.
Gettyimages 1338798118 3

Aqua Security createa unified scanner for cloud native security

Fri, 20th May 2022
#
devops
#
cloud security
#
application security
Aqua Security's Trivy becomes world's first unified scanner for cloud native security, consolidating multiple tools into one.