A supply chain attack on Trivy, Aqua Security's vulnerability scanner, led to the compromise of 44 Aqua Security repositories on GitHub, all of which were defaced within minutes. The attack involved malicious Trivy container images being uploaded to Docker Hub, specifically versions 0.69.4 through 0.69.6, which carried the TeamPCP infostealer. These tainted images were pushed without corresponding GitHub releases, a mismatch that put developers who pulled the compromised images at risk. The attackers, identified as TeamPCP, leveraged the supply chain compromise to gain access to Aqua Security's internal GitHub organization. The defacement of the repositories and the distribution of malware-laced images pose a significant threat to developers and organizations that rely on Trivy for security scanning. The incident underlines the need to verify the integrity of container images and to monitor the software supply chain for suspicious activity; the immediate priority for practitioners is to determine whether they pulled or ran any of the affected Trivy images and to remediate accordingly.
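As an added example (not Aqua Security's tooling and not from the original report), the script below checks a list of locally present image references for Trivy tags in the 0.69.4 to 0.69.6 range named above. The sample image list is constructed; in practice the input would come from `docker images --format '{{.Repository}}:{{.Tag}}'` on each host or CI runner. The repository name patterns matched (`aquasec/trivy`, `*/aquasecurity/trivy`) are an assumption about where the images are mirrored in a given environment and should be extended to match local mirrors.

```sh
#!/bin/sh
# Added example: find Trivy images whose tag falls in the compromised
# range 0.69.4-0.69.6 reported above. Not Aqua Security's own tooling.

# Constructed sample of what `docker images --format '{{.Repository}}:{{.Tag}}'`
# might print on a developer machine or CI runner.
sample_images='aquasec/trivy:0.69.3
aquasec/trivy:0.69.5
ghcr.io/aquasecurity/trivy:0.69.6
aquasec/trivy:0.70.0
nginx:1.27'

# trivy_tag_affected <tag>: exit 0 if the tag is one of the tainted versions.
# A leading "v" is tolerated so "v0.69.5" and "0.69.5" are treated alike.
trivy_tag_affected() {
  tag="${1#v}"
  case "$tag" in
    0.69.4|0.69.5|0.69.6) return 0 ;;
    *) return 1 ;;
  esac
}

# find_affected_trivy <newline-separated image refs>: prints each reference
# that names a Trivy repository (assumed repository patterns below) with an
# affected tag. References pinned by digest (@sha256:...) carry no tag and
# are skipped; those must be checked against the registry directly.
find_affected_trivy() {
  printf '%s\n' "$1" | while IFS= read -r ref; do
    [ -n "$ref" ] || continue
    case "$ref" in *@sha256:*) continue ;; esac
    repo="${ref%:*}"    # everything before the last colon
    tag="${ref##*:}"    # everything after the last colon
    # Assumed repository locations; add local mirrors as needed.
    case "$repo" in
      aquasec/trivy|docker.io/aquasec/trivy|*/aquasecurity/trivy) ;;
      *) continue ;;
    esac
    if trivy_tag_affected "$tag"; then
      printf '%s\n' "$ref"
    fi
  done
}

# Stand-alone run over the constructed sample.
find_affected_trivy "$sample_images"
```

Any line the script prints identifies an image that should be removed and its host treated as potentially exposed to the infostealer; a clean result from this check says nothing about images identified only by digest, or about hosts where the image was pulled and later deleted, so registry and pull logs should be reviewed as well.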