Two overlapping supply chain campaigns targeted Aqua Security's Trivy open-source vulnerability scanner. In the first, TeamPCP compromised Aqua's GitHub organizations through an overprivileged personal access token (PAT) and injected infostealer malware into Trivy release artifacts and Docker Hub images; the initial remediation was incomplete, and the attackers re-entered within weeks. In the second, 75 tags of the trivy-action GitHub Actions integration were hijacked and replaced with an infostealing payload that executed inside CI/CD runners, where it had the same access to pipeline secrets as the job itself.

Any organization that ran Trivy or trivy-action in automated pipelines during early-to-mid March 2026 should treat every CI/CD secret, cloud credential, and SSH key that was available to those runners as compromised and rotate it immediately. Pipelines that reference aquasecurity Docker Hub images or trivy-action tags should be halted until the integrity of clean artifacts has been confirmed against Aqua Security's official advisory.
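Because the trivy-action attack worked by moving existing tags to a malicious commit, the first practical question for a responder is which workflows reference the action or the image by a mutable tag rather than by an immutable commit SHA or image digest. The script below is an added example, not code from the page or from Aqua Security; it scans GitHub Actions workflow text for references to `aquasecurity/trivy-action` and the `aquasecurity/trivy` image and reports which ones are pinned. The workflow content, the version numbers, the commit SHA and the image digest in the sample are all constructed for illustration and are not real releases.

```python
import re
from typing import List, NamedTuple

# Constructed sample workflow (hypothetical content, not from any real repository).
SAMPLE_WORKFLOW = """\
name: scan
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    container:
      image: aquasecurity/trivy:0.58.0
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
      - uses: aquasecurity/trivy-action@0.28.0
      - uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2  # hypothetical SHA
      - run: docker run --rm aquasecurity/trivy:latest image alpine:3.19
      - run: docker run --rm aquasecurity/trivy@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef image alpine:3.19
"""

# `uses: aquasecurity/trivy-action@<ref>`; the ref stops at whitespace or a YAML comment.
ACTION_RE = re.compile(r"uses:\s*(aquasecurity/trivy-action)@([^\s#]+)")
# `aquasecurity/trivy[:tag][@sha256:digest]`, excluding the action name via lookahead.
IMAGE_RE = re.compile(
    r"(aquasecurity/trivy)(?!-action)(?::([\w][\w.-]*))?(?:@(sha256:[0-9a-f]{64}))?"
)
# A 40-hex-digit ref is a full commit SHA; anything else (branch, tag) can be moved.
COMMIT_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


class Finding(NamedTuple):
    line: int
    kind: str   # "action" or "image"
    ref: str    # the reference exactly as it should be reported
    pinned: bool


def find_trivy_refs(text: str) -> List[Finding]:
    """Return every Trivy action or image reference in the workflow text."""
    findings: List[Finding] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = ACTION_RE.search(line)
        if m:
            ref = m.group(2)
            findings.append(
                Finding(lineno, "action", f"{m.group(1)}@{ref}", bool(COMMIT_SHA_RE.match(ref)))
            )
        for m in IMAGE_RE.finditer(line):
            tag, digest = m.group(2), m.group(3)
            if digest:
                # Digest-pinned: the content cannot change without the digest changing.
                findings.append(Finding(lineno, "image", f"{m.group(1)}@{digest}", True))
            else:
                # A tag (or no tag, which Docker treats as `latest`) can be re-pointed.
                findings.append(Finding(lineno, "image", f"{m.group(1)}:{tag or 'latest'}", False))
    return findings


def unpinned_refs(text: str) -> List[Finding]:
    """Only the references an attacker could redirect by moving a tag."""
    return [f for f in find_trivy_refs(text) if not f.pinned]


if __name__ == "__main__":
    for f in find_trivy_refs(SAMPLE_WORKFLOW):
        status = "pinned" if f.pinned else "MUTABLE"
        print(f"line {f.line:>3}  {f.kind:<6} {status:<8} {f.ref}")
```

Run against a checkout of your workflow files, every `MUTABLE` line is a pipeline that should stay halted until Aqua's advisory identifies clean artifacts. Pinning to a full commit SHA or an image digest is a general hardening step, not something the page states Aqua recommended; note that a pin only helps if the pinned commit or digest was itself verified as clean, since the earlier compromise of Aqua's GitHub organizations means a SHA taken from a compromised branch is no safer than the tag.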