Aqua Security Headlines

Global Security Mag

Aqua Security launches Cloud Native Detection and Response (CNDR) with over 80 behavioral indicators to detect and prevent zero-day attacks.

Companies:Aqua Security

NHI Mgmt Group

An analysis article that references and discusses Aqua Security's report on Kubernetes security, emphasizing the need for new security models for ephemeral workloads.

Companies:Aqua Security

DEV Community

The article analyzes the Trivy supply chain attack, highlighting how incomplete remediation led to continued credential theft, and contrasts it with the Shai Hulud campaign.

Companies:Aqua Security

Picus Security

The article describes how TeamPCP compromised Trivy, an open-source vulnerability scanner by Aqua Security, leading to a self-propagating worm that infected over 60 npm packages.

Companies:Aqua Security

Global Security Mag

Aqua Security announced its Cloud Native Detection and Response (CNDR) capabilities, which use behavioral indicators from its Nautilus research team to detect and respond to zero-day attacks in cloud native environments.

Companies:Aqua Security

TipRanks

TipRanks analyzes Aqua Security's launch of Compass and risk dashboards, highlighting strategic implications.

Companies:Aqua Security

Help Net Security

Help Net Security reports on Aqua Security's launch of Aqua Compass and runtime risk dashboards.

Companies:Aqua Security

Aqua Security

Aqua Security announced Aqua Compass, an MCP server enabling agentic investigation, containment and remediation of runtime incidents, plus new runtime risk dashboards that convert vulnerabilities into monetary exposure metrics.

Companies:Aqua Security

Microsoft Security Blog

This article provides guidance on detecting, investigating, and defending against the Trivy supply chain compromise, which affected Aqua Security's open-source vulnerability scanner.

Companies:Aqua Security

Aqua Security Blog

This article provides an update on an ongoing supply chain attack targeting Aqua Security's Trivy open-source project, detailing the timeline of the attack, affected components, and actions taken by Aqua Security and the community for remediation.

Companies:Aqua Security

StepSecurity

This article reports on the second compromise of Aqua Security's Trivy vulnerability scanner, detailing how a credential stealer was injected into GitHub Actions and a malicious Trivy binary was published, affecting various components and exposing secrets.

Companies:Aqua Security

The Hacker News

Cybersecurity researchers discovered malicious Rust crates and an AI bot exploiting CI/CD pipelines. Aqua Security's 'aquasecurity/trivy' repository was among the targets, and the company provided a statement on the incident, which involved the theft of a Personal Access Token and the pushing of a malicious VSCode extension.

Companies:Aqua Security

Help Net Security

Aqua Security launched Secure AI, a full lifecycle security solution for AI applications covering code scanning, cloud configuration checks, runtime detection, governance, and prompt defense. The product addresses emerging threats to AI workloads including prompt injection and unauthorized model usage, extending Aqua's container security leadership to the AI era.

Companies:Aqua Security

TechCrunch

Aqua Security raised $60 million, extending its Series E round to $195 million total, with Evolution Equity Partners as the new lead investor. The Israeli cloud-native security startup, which counts PayPal, Netflix, and Samsung as customers, has now raised approximately $325 million in total. The company's valuation remained above $1 billion.

Companies:Aqua Security