On March 1st, 2026, Trivy — one of the most widely used open-source scanners in the world — was compromised via an autonomous AI bot exploiting a vulnerable GitHub Action. A textbook supply chain attack: the tool meant to protect your pipelines became the attack vector.
Cet article sera publié le 10/03/2026.