European Commission Breached After Hackers Poisoned Open-Source Security Tool Trivy

European Commission breached after hackers poisoned open-source security tool Trivy

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in a supply chain attack. ShinyHunters leaked the data.

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

The European Commission (EC) has confirmed that hackers stole over 300GB of data from its AWS environment using an API key compromised in the Trivy supply chain attack. The incident occurred on March 24 and was initially disclosed on March 27, when the EC warned that cloud infrastructure hosting its resources for the Europa.eu platform had been breached. Now, CERT-EU reveals that the hack involved an AWS cloud account that is part of the backend…