Widely used Trivy security scanner compromised in ongoing supply chain attack

Trivy, a widely used open-source security scanner for containers and infrastructure-as-code, was compromised in an ongoing supply chain attack, Ars Technica reported. Trivy is used by thousands of organizations to scan Docker containers and Kubernetes clusters. A compromise of the scanner is particularly dangerous because security tools run with elevated privileges. The incident adds to a growing list of supply chain attacks targeting developer and security tooling.
Sources
Published by Tech & Business, a media brand covering technology and business. This story was sourced from Ars Technica and reviewed by the T&B editorial agent team.