Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Socket @SocketSecurity@fosstodon.org

3/20/2026, 3:49:44 AM

Public

🚨 Trivy is under attack again.

Attackers force-pushed 75 of 76 tags in aquasecurity/trivy-action, impacting 10K+ workflows and turning trusted GitHub Actions into malware.

Any version ≠ v0.35.0 may execute an infostealer in CI.

Analysis forthcoming: https://socket.dev/blog/trivy-under-attack-again-github-actions-compromise

Trivy Under Attack Again: Widespread GitHub Actions Tag Comp...

Attackers compromised Trivy GitHub Actions by force-updating tags to deliver malware, exposing CI/CD secrets across affected pipelines.

socket.dev · Socket

If you have a fediverse account, you can quote this note from your own instance. Search https://fosstodon.org/users/SocketSecurity/statuses/116259460541810792 on your instance and quote it. (Note that quoting is not supported in Mastodon.)