Trivy Poisoned in EU Commission Breach

๐กSupply chain attack on OSS security toolโcritical for AI infra devs to audit deps
โก 30-Second TL;DR
What Changed
TeamPCP conducted supply chain attack on Trivy
Why It Matters
This breach highlights risks in trusting open-source security tools, potentially affecting global organizations using Trivy in CI/CD pipelines. AI teams reliant on container scanning must reassess vendor security.
What To Do Next
Immediately audit and update Trivy in your MLOps pipelines to the latest secure version.
Key Points
- โขTeamPCP conducted supply chain attack on Trivy
- โขStole 92 GB from European Commission's AWS
- โขShinyHunters leaked emails and personal data
- โขCERT-EU confirmed attribution to TeamPCP
๐ง Deep Insight
Web-grounded analysis with 8 cited sources.
๐ Enhanced Key Takeaways
- โขThe breach originated from a February compromise of Trivy's GitHub Actions environment (CVE-2026-33634), where TeamPCP exploited incomplete credential rotation to force-push malicious code to 76 of 77 version tags.
- โขThe stolen data, totaling 340 GB uncompressed (91.7 GB compressed), impacted up to 71 clients of the Europa web hosting service, including 42 internal European Commission clients and at least 29 other Union entities.
- โขTeamPCP utilized the stolen AWS API key to deploy TruffleHog within the Commission's environment to discover additional secrets, and attempted to evade detection by creating and attaching new access keys to existing user accounts.
๐ ๏ธ Technical Deep Dive
- โขInitial Access: Exploitation of CVE-2026-33634 in Trivy's GitHub Actions environment allowed TeamPCP to gain a privileged access token.
- โขSupply Chain Poisoning: Attackers manipulated trusted Trivy version tags to force CI/CD pipelines to pull down credential-stealing malware.
- โขCredential Harvesting: The malware was designed to exfiltrate AWS, GCP, and Azure cloud credentials, Kubernetes tokens, Docker registry credentials, database passwords, TLS private keys, SSH keys, and cryptocurrency wallet files.
- โขPersistence and Evasion: Attackers created and attached new access keys to existing user accounts to maintain access and evade detection.
- โขDiscovery Tooling: TeamPCP utilized the open-source tool TruffleHog to scan for and validate additional AWS credentials via the Security Token Service (STS).
๐ฎ Future ImplicationsAI analysis grounded in cited sources
โณ Timeline
๐ Sources (8)
Factual claims are grounded in the sources below. Forward-looking analysis is AI-generated interpretation.
Weekly AI Recap
Read this week's curated digest of top AI events โ
๐Related Updates
AI-curated news aggregator. All content rights belong to original publishers.
Original source: The Next Web (TNW) โ