Skip to main content

Trivy security tool hit in supply chain attack

  • March 13, 2026
  • 2 comments
  • 44 views
Geoff Burke
Forum|alt.badge.img+22

Trivy is a powerful tool for finding vulnerabilities in Kubernetes clusters among other things. You have know it if you intend passing the CKS exam (Kubernetes Security Specialist). 

They were recently attacked via Github actions and had to temporarily take down their github repository. 

 

VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS

    2 comments

    Chris.Childerhose
    Forum|alt.badge.img+21
    • Chris.Childerhose
    • Veeam Legend, Veeam Vanguard
    • March 13, 2026

    Wow a tool that finds vulnerabilities gets one of their own. It is sad lately how these things are going.

    Chris Childerhose (Enterprise Architect) - VMCE+ | VMCA | VMCE | VMCE-SP | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 7* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV/VCP-VVF | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
      kciolek
      Forum|alt.badge.img+5
      • kciolek
      • Influencer
      • March 13, 2026

      thanks for sharing! I haven’t used Kubernetes but good to know

      Ken Ciolek | SHI Labs Data Protection & Storage Lead | Object First Ace | Commvault Global Ambassador
      Terms & ConditionsAccessibility statement