CVE-2026-33634: Critical Supply Chain Attack on Aquasecurity Trivy Demands Immediate Action
Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including all tokens, SSH keys, cloud credentials, database passwords, and any sensitive configuration in memory.