Trivy supply chain intrusion reportedly compromises Cisco source code

Cisco reportedly had its source code stolen by threat actors in an attack linked to the recent supply chain attack against Aqua Security's Trivy vulnerability scanner, according to BleepingComputer.

Threat actors who used an illicit GitHub Action plugin from the Trivy hack were able to compromise Cisco's build and development environment, enabling the theft of credentials and data from dozens of devices, said a source close to the matter. Exfiltrated AWS keys were also reported to have been used to infiltrate a limited number of Cisco AWS accounts.

BleepingComputer later found that the incident, which has already been contained, led to the cloning of over 300 Cisco GitHub repositories, including source code for the firm's AI Assistant, AI Defense, and other AI-based offerings, as well as the theft of repositories purportedly owned by U.S. government agencies, banks, and business process outsourcing firms. Cisco expects additional compromise from the subsequent LiteLLM and Checkmarx supply chain incidents, the source noted.
