Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Socket @SocketSecurity@fosstodon.org

3/20/2026, 5:44:10 PM

Public

🚨 Trivy update: maintainers confirm this attack used a compromised credential carried over from the breach in early March.

We’ve updated our analysis with full details on how 75 GitHub Action tags were poisoned and used to exfiltrate secrets during CI runs.

https://socket.dev/blog/trivy-under-attack-again-github-actions-compromise

Trivy Under Attack Again: Widespread GitHub Actions Tag Comp...

Attackers compromised Trivy GitHub Actions by force-updating tags to deliver malware, exposing CI/CD secrets across affected pipelines.

socket.dev · Socket

If you have a fediverse account, you can quote this note from your own instance. Search https://fosstodon.org/users/SocketSecurity/statuses/116262741638717245 on your instance and quote it. (Note that quoting is not supported in Mastodon.)