The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of repositories. [...]
Trivy supply-chain attack spreads to Docker, GitHub repos
Résumé + lien vers la source. Sans paywall, sans tracking.