All writing

Trivy attack

  • Rant

Trivy was again attacked. This time really bad -> https://www.crowdstrike.com/en-us/blog/from-scanner-to-stealer-inside-the-trivy-action-supply-chain-compromise/

For me, this is another example for the inherent security risk of GitHub actions.