Aqua Security locking down trivvy gh; Restricting to allowlist of IPs
2 comments
A bunch of AquaSec stuff has been getting compromised since the initial incident at end of February. Apparently in the latest attack they managed to compromise their internal organisation: https://opensourcemalware.com/blog/teampcp-aquasec-com-githu...
Someone else with same issue https://github.com/aquasecurity/trivy/discussions/10425#disc...
I don't see any public acknowledgement. Anyone see/know anything?