In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.

Integration brings ActiveState's VEX advisories and secure libraries directly into Trivy scans, providing high-fidelity results and faster remediation paths ActiveState joins a growing community of ...

Trivy Premium integrates with other Aqua Platform modules such as Cloud Security Posture Management and Runtime Protection. "Trivy Premium is a gamechanger for organisations that already know and love ...

BOSTON and TEL AVIV, Israel, July 07, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native security and the primary maintainer of Aqua Trivy, today announced the launch of the Trivy ...

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...

New partnership brings agentic AI-powered vulnerability remediation to the Trivy community BOSTON and TEL AVIV, Israel, July 31, 2025 (GLOBE NEWSWIRE) -- Aqua Security, the pioneer in cloud native ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...