Your Vulnerability Scanner Was the Vulnerability: 4 Projects Backdoored in 8 Days

📰 Dev.to · Gabriel Anhaia

Between March 19-27, 2026, attackers compromised Trivy, KICS, LiteLLM, and Telnyx with the SANDCLOCK credential stealer. The security tools meant to protect pipelines became the attack vector. Here's the full timeline, version numbers, and how to defend against mutable tag poisoning.

Published 5 Apr 2026
Read full article → ← Back to Reads