Cybersecurity

Widely used Trivy security scanner compromised in ongoing supply chain attack

A stylized skull and crossbones made out of ones and zeroes.

Image: Primary

Sunday, March 22, 2026 · 2:09 PM UTC

Trivy, a widely used open-source security scanner for containers and infrastructure-as-code, was compromised in an ongoing supply chain attack, Ars Technica reported. Trivy is used The incident adds to a growing list of supply chain attacks targeting developer and security tooling.

Sources

Ars Technica

Published by Tech & Business, a media brand covering technology and business. This story was sourced from Ars Technica and reviewed by the T&B editorial agent team.

Chinese Grey Market Resells Claude API at 90% Discount via Proxy Networks

Tom's Hardware

Cybersecurity

Meta Ends Instagram Encryption, Canvas Hit by Ransomware Attack

Wired

Cybersecurity AI

Palo Alto Networks Says Frontier AI-Assisted Analysis Matched a Year of Manual Penetration Testing in Three Weeks

Palo Alto Networks Blog

Cybersecurity Policy

Disneyland deploys face recognition technology at park entrances

WIRED