From Scanner To Stealer: Inside The Trivy-Action Supply Chain Compromise
CrowdStrike, Friday, March 20th, 2026
The CrowdStrike Engineering team discusses how this activity was discovered, how the attack works, what the payload does, and how CrowdStrike helps organizations defend against this threat.
While investigating a spike in script execution detections across several CrowdStrike Falcon platform customers, CrowdStrike's Engineering team traced the activity to a compromised GitHub Action named aquasecurity/trivy-action. This popular open-source vulnerability scanner is frequently used in CI/CD pipelines.
Our investigation found that 76 of the scanner's 77 release tags had been retroactively poisoned via git tag repointing, replacing the legitimate entry point with a multi-stage credential stealer. The malicious code runs silently before the real scanner, so workflows appear to complete normally.
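The tag-repointing technique described above is detectable because release tags are supposed to be immutable: if the commit a tag resolves to changes after it was published, something is wrong. The following is an added example, not CrowdStrike's tooling or anything from the trivy-action project, showing the two defensive checks a pipeline owner would want: diffing a saved snapshot of `git ls-remote --tags` output against a fresh one to surface tags whose commit moved, and scanning a workflow file for `uses:` references pinned to a mutable tag instead of a full commit SHA. All SHAs, tag names other than the action name, and the sample workflow are constructed placeholders.

```python
"""Detect repointed release tags and unpinned GitHub Action references.

Added example (not CrowdStrike's or Aqua Security's code). Sample data below
is constructed: the SHAs are placeholders, not real trivy-action commits.
"""
import re
from typing import Dict, List, Tuple

# Constructed snapshot of `git ls-remote --tags <repo>` taken when the
# release was first consumed. Annotated tags show up twice: the tag object
# and the peeled `^{}` entry, which is the commit the tag really points to.
BASELINE_LS_REMOTE = """\
1111111111111111111111111111111111111111\trefs/tags/0.28.0
2222222222222222222222222222222222222222\trefs/tags/0.29.0
3333333333333333333333333333333333333333\trefs/tags/0.30.0
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\trefs/tags/0.30.0^{}
"""

# Constructed later snapshot: two tags now resolve to a different commit.
CURRENT_LS_REMOTE = """\
1111111111111111111111111111111111111111\trefs/tags/0.28.0
deadbeefdeadbeefdeadbeefdeadbeefdeadbeef\trefs/tags/0.29.0
3333333333333333333333333333333333333333\trefs/tags/0.30.0
deadbeefdeadbeefdeadbeefdeadbeefdeadbeef\trefs/tags/0.30.0^{}
"""

# Constructed workflow fragment: one action pinned by SHA, one by tag.
SAMPLE_WORKFLOW = """\
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@1111111111111111111111111111111111111111
      - uses: aquasecurity/trivy-action@0.29.0
        with:
          scan-type: fs
"""


def parse_ls_remote(text: str) -> Dict[str, str]:
    """Map tag name -> commit SHA, preferring the peeled ^{} entry for
    annotated tags so that we compare the commits a checkout would get."""
    tags: Dict[str, str] = {}
    peeled: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        sha, ref = line.split("\t", 1)
        name = ref[len("refs/tags/"):] if ref.startswith("refs/tags/") else ref
        if name.endswith("^{}"):
            peeled[name[:-3]] = sha
        else:
            tags[name] = sha
    tags.update(peeled)  # peeled commit wins over the tag-object SHA
    return tags


def repointed_tags(baseline: Dict[str, str],
                   current: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Tags present in both snapshots whose commit changed.
    Any entry here means an existing release was rewritten after the fact."""
    return {
        tag: (baseline[tag], current[tag])
        for tag in baseline
        if tag in current and baseline[tag] != current[tag]
    }


# Matches `uses: owner/repo[/path]@ref`; local `./` and `docker://` uses
# do not match because they contain no `owner/repo@ref` shape.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@(\S+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def unpinned_actions(workflow_yaml: str) -> List[str]:
    """Return `owner/repo@ref` entries whose ref is a mutable tag or branch
    rather than a full 40-hex commit SHA."""
    findings = []
    for line in workflow_yaml.splitlines():
        m = USES_RE.match(line)
        if m and not FULL_SHA_RE.match(m.group(2)):
            findings.append(f"{m.group(1)}@{m.group(2)}")
    return findings


def audit() -> Dict[str, object]:
    """Run both checks over the constructed samples."""
    moved = repointed_tags(parse_ls_remote(BASELINE_LS_REMOTE),
                           parse_ls_remote(CURRENT_LS_REMOTE))
    return {"repointed": moved, "unpinned": unpinned_actions(SAMPLE_WORKFLOW)}


if __name__ == "__main__":
    result = audit()
    for tag, (old, new) in sorted(result["repointed"].items()):
        print(f"TAG REPOINTED {tag}: {old[:12]} -> {new[:12]}")
    for ref in result["unpinned"]:
        print(f"UNPINNED ACTION {ref}: pin to a full commit SHA")
```

Pinning `uses:` to a full commit SHA removes the tag as a trust anchor entirely; the snapshot diff is the complementary control for actions that cannot yet be pinned, and both checks produce an alertable event rather than a silently successful workflow.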