{"id":234364,"date":"2026-03-31T23:23:42","date_gmt":"2026-04-01T04:23:42","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/03\/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach"},"modified":"2026-03-31T23:23:42","modified_gmt":"2026-04-01T04:23:42","slug":"cisco-source-code-stolen-in-trivy-linked-dev-environment-breach","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/03\/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach","title":{"rendered":"Cisco source code stolen in Trivy-linked dev environment breach"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cisco-source-code-stolen-in-trivy-linked-dev-environment-breach.jpg\"><\/a><\/p>\n<p>Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers.<\/p>\n<p>A source, who asked to remain anonymous, told BleepingComputer that Cisco\u2019s Unified Intelligence Center, CSIRT, and EOC teams contained the breach involving a malicious \u201cGitHub Action plugin\u201d from the recent Trivy compromise.<\/p>\n<p>The attackers used the malicious GitHub Action to steal credentials and data from the company\u2019s build and development environment, impacting dozens of devices, including some developer and lab workstations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco has suffered a cyberattack after threat actors used stolen credentials from the recent Trivy supply chain attack to breach its internal development environment and steal source code belonging to the company and its customers. A source, who asked to remain anonymous, told BleepingComputer that Cisco\u2019s Unified Intelligence Center, CSIRT, and EOC teams contained the [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-234364","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=234364"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234364\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=234364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=234364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=234364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}