Why did this discussion about the Trivy incident get removed/closed #10420
-
|
https://github.com/aquasecurity/trivy/discussions/10265 Why did this get removed when active discussion on a new (maybe related) incident was happening? |
Beta Was this translation helpful? Give feedback.
Replies: 772 comments
-
|
To be explicit, it wasn't just discussion on the previous well reported compromise, there was active discussion on the new (as of today) compromise of EDIT: Judging by the subsequent spam comments on this issue, it's likely the threat actor deleted the discussion to slow down the response by impacted users/orgs. Copying some of the IoCs/links from the deleted discussion for reference:
|
Beta Was this translation helpful? Give feedback.
-
|
sugma and ligma, teampcp owns you |
Beta Was this translation helpful? Give feedback.
-
|
sugma and ligma, teampcp owns you |
Beta Was this translation helpful? Give feedback.
-
|
thanks for the detailed explanation |
Beta Was this translation helpful? Give feedback.
-
|
this solved my issue, thanks |
Beta Was this translation helpful? Give feedback.
-
|
this helped me understand the problem better |
Beta Was this translation helpful? Give feedback.
-
|
makes sense now, appreciate it |
Beta Was this translation helpful? Give feedback.
-
|
this is really well documented |
Beta Was this translation helpful? Give feedback.
-
|
worked perfectly for me |
Beta Was this translation helpful? Give feedback.
-
|
same issue here, this fixed it |
Beta Was this translation helpful? Give feedback.
-
|
solid explanation, thanks |
Beta Was this translation helpful? Give feedback.
-
|
confirmed, this works on my end too |
Beta Was this translation helpful? Give feedback.
-
|
helpful thread, glad I found it |
Beta Was this translation helpful? Give feedback.
-
|
thanks for the context, very useful |
Beta Was this translation helpful? Give feedback.
-
|
great find, would have taken me ages |
Beta Was this translation helpful? Give feedback.
-
|
exactly the issue I was seeing |
Beta Was this translation helpful? Give feedback.
-
|
thank you, this was bugging me for hours |
Beta Was this translation helpful? Give feedback.
-
|
this is allowed |
Beta Was this translation helpful? Give feedback.
-
|
super useful, bookmarking this |
Beta Was this translation helpful? Give feedback.
-
|
this solved my issue, thanks |
Beta Was this translation helpful? Give feedback.
-
|
this helped me understand the problem better |
Beta Was this translation helpful? Give feedback.
-
|
makes sense now, appreciate it |
Beta Was this translation helpful? Give feedback.
-
|
nice, didn't know about this workaround |
Beta Was this translation helpful? Give feedback.
-
|
same issue here, this fixed it |
Beta Was this translation helpful? Give feedback.
-
|
solid explanation, thanks |
Beta Was this translation helpful? Give feedback.
-
|
this is the answer I needed |
Beta Was this translation helpful? Give feedback.
-
|
helpful thread, glad I found it |
Beta Was this translation helpful? Give feedback.
-
|
thanks for the context, very useful |
Beta Was this translation helpful? Give feedback.
To be explicit, it wasn't just discussion on the previous well reported compromise, there was active discussion on the new (as of today) compromise of
v0.69.4trivy binariesEDIT: Judging by the subsequent spam comments on this issue, it's likely the threat actor deleted the discussion to slow down the response by impacted users/orgs.
Copying some of the IoCs/links from the deleted discussion for reference:
scan[.]aquasecurtiy[.]org