Aqua Security’s Trivy vulnerability scanner was compromised in a supply chain attack, leading to information-stealing infections.
Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.
A new set of compromised Docker images linked to the Trivy supply chain attack has been identified, expanding the impact of the incident across developer environments and CI/CD pipelines. On March 19, ...
It all starts with a GitHub Actions workflow. Here’s how to create and run a workflow in the tool.
Cory Benfield discusses the evolution of ...