SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India

Trivy stories

Flux result 20e12820 27f4 4e8a 9da9 1c2ee2ea902d

Sonatype warns of surge in trusted open-source malware

4 days ago
#
application security
#
devsecops
#
supply chain
Sonatype flags 21,764 malicious open-source packages in Q1 2026, with npm hit hardest as attackers used trusted workflows to steal secrets.
Flux result 86c5d3ff 8544 4b88 ac41 93781b8158bc

AppOmni adds Heisenberg mode after LiteLLM supply attack

Last month
#
virtualisation
#
cloud security
#
application security
AppOmni upgrades Heisenberg to help teams trace GitHub Actions and spot tainted dependencies after the LiteLLM supply chain breach.
Editorial compromised software supply chain key token leak dark

Trivy GitHub breach exposes CI/CD supply chain risk

Last month
#
devops
#
cloud security
#
application security
Aqua Security's Trivy GitHub Action was hijacked to ship infostealer code via CI/CD pipelines, exposing secrets across downstream users.
Moody engineer cicd pipelines morphing into shadowy hands vaults

JFrog flags 13 critical CI/CD flaws in GitHub workflows

Last month
#
siem
#
fintech
#
application security
JFrog warns 13 GitHub CI/CD workflow flaws, mostly critical, could let attackers hijack pipelines and steal secrets at scale.
Kbom

Aqua Security expands Trivy for Kubernetes vulnerability scanning & KBOM generation

Wed, 8th Nov 2023
#
application security
#
open source
#
red hat
Aqua Security enhances its open-source solution, Trivy, to offer Kubernetes vulnerability scanning and Kubernetes Bill of Materials generation.