InfoQ - Incident Response - News https://www.infoq.com InfoQ Incident Response News feed Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response https://www.infoq.com/news/2026/04/trivy-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Incident+Response-news <img src="https://res.infoq.com/news/2026/04/trivy-supply-chain-attack/en/headerimage/generatedHeaderImage-1774788388998.jpg"/><p>A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a malicious release was briefly distributed to users.</p> <i>By Craig Risi</i> Incident Response Cloud Security Open Source DevOps news Fri, 03 Apr 2026 12:00:00 GMT https://www.infoq.com/news/2026/04/trivy-supply-chain-attack/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Incident+Response-news Craig Risi 2026-04-03T12:00:00Z /news/2026/04/trivy-supply-chain-attack/en