CERT-EU has linked the theft of data from the Europa.eu platform to the recent supply chain attack on Aqua Security’s Trivy open-source vulnerability scanner. The attack on the AWS cloud infrastructure hosting the Europa.eu web hub on March 24 resulted in the theft of 350 GB of data (91.7 GB compressed), including personal names, email addresses, and messages, according to CERT-EU’s analysis.
The compromise of Trivy allowed attackers to obtain an AWS API key, giving them access to European Commission web data tied to 42 internal Commission clients and at least 29 other Union entities using the service. CERT-EU said the threat actor used the compromised AWS secret to create and attach a new access key to an existing user in order to evade detection, then carried out reconnaissance activities. It found no evidence that the attackers had moved laterally to other AWS accounts belonging to the Commission. CERT-EU assessed with high confidence that the initial access vector was the Trivy supply-chain compromise, publicly attributed to TeamPCP by Aqua Security. The stolen data later became public after TeamPCP passed it to the ShinyHunters extortion group, which published it on the dark web on March 28.
The Trivy compromise dates to February, when TeamPCP exploited a misconfiguration in Trivy’s GitHub Actions environment, now identified as CVE-2026-33634, to gain a foothold through a privileged access token, according to Aqua Security. Aqua Security rotated credentials, but some remained valid during the process, allowing the attackers to steal the newly rotated credentials. By manipulating trusted Trivy version tags, TeamPCP caused CI/CD pipelines using the tool to automatically download credential-stealing malware. Security researchers at Palo Alto Networks said this gave the attackers access to AWS, GCP, Azure cloud credentials, Kubernetes tokens, Docker registry credentials, database passwords, TLS private keys, SSH keys, and cryptocurrency wallet files.
CERT-EU urged affected organizations to update immediately to a known safe version, rotate AWS and other credentials, audit Trivy versions in CI/CD pipelines, and ensure GitHub Actions are pinned to immutable commit SHA-1 hashes rather than mutable tags. It also advised looking for indicators of compromise such as unusual Cloudflare tunnelling activity or traffic spikes that could signal data exfiltration. The compromise of Trivy is estimated to have affected at least 1,000 SaaS environments, with other reported victims including Cisco, Checkmarx, and the AI gateway company LiteLLM. CERT-EU warned that the handoff of stolen data to a major ransomware group could lead to a wave of extortion demands in the coming weeks.
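The two pipeline checks CERT-EU recommends, auditing Trivy references and confirming that every action is pinned to a full commit SHA rather than a tag or branch, can be scripted over the workflow files in a repository. The script below is an added illustration, not code from CERT-EU, Aqua Security or the article: it scans GitHub Actions workflow text for `uses:` references and classifies each as immutable (40-hex commit SHA, local action, or image pinned by digest) or mutable (tag, branch, or no ref at all). The embedded workflow is constructed for the example, the 40-hex value in it is a placeholder and not a real commit, and the "known safe version" of Trivy is deliberately not hard-coded because the article does not name one; compare the reported references against the vendor's current guidance.

```python
import re
from dataclasses import dataclass
from typing import List

# A full 40-hex commit SHA is the only immutable way to reference a
# GitHub action; tags and branches can be moved by whoever controls the repo.
SHA_RE = re.compile(r"^[0-9a-f]{40}$")
# Matches step-level and job-level `uses:` lines, quoted or unquoted,
# and stops at whitespace or a trailing comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^'\"\s#]+)", re.MULTILINE)


@dataclass
class Finding:
    ref: str       # the raw `uses:` value
    pinned: bool   # True only for immutable references
    reason: str    # why it was classified that way


def classify_uses(ref: str) -> Finding:
    """Classify one `uses:` reference as immutable or mutable."""
    if ref.startswith("./"):
        return Finding(ref, True, "local action in this repository")
    if ref.startswith("docker://"):
        if "@sha256:" in ref:
            return Finding(ref, True, "docker image pinned by digest")
        return Finding(ref, False, "docker image referenced by mutable tag")
    if "@" not in ref:
        return Finding(ref, False, "no ref given; resolves to the default branch")
    version = ref.rpartition("@")[2]
    if SHA_RE.match(version):
        return Finding(ref, True, "full commit SHA")
    return Finding(ref, False, f"mutable tag or branch '{version}'")


def audit_workflow(text: str) -> List[Finding]:
    """Classify every `uses:` reference found in one workflow file."""
    return [classify_uses(m.group(1)) for m in USES_RE.finditer(text)]


def unpinned_refs(text: str) -> List[str]:
    """References that should be replaced by a commit SHA (keep the tag as a comment)."""
    return [f.ref for f in audit_workflow(text) if not f.pinned]


def trivy_refs(text: str) -> List[str]:
    """Every Trivy action reference, to be checked against the vendor's safe-version guidance."""
    return [f.ref for f in audit_workflow(text) if "trivy" in f.ref.lower()]


# Constructed sample workflow (not from the article). The 40-hex value is a
# placeholder, not a real commit of any project.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aquasecurity/trivy-action@master
      - uses: 'example-org/some-action@0123456789abcdef0123456789abcdef01234567'
      - uses: ./.github/actions/local-step
      - uses: docker://alpine:3.19
  lint:
    uses: example-org/reusable/.github/workflows/lint.yml@main
"""

if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        status = "PINNED  " if finding.pinned else "UNPINNED"
        print(f"{status} {finding.ref}  ({finding.reason})")
    print("Trivy references to verify:", trivy_refs(SAMPLE_WORKFLOW))
```

Run it over every file under `.github/workflows/` and treat each UNPINNED line as a change request: replace the tag with the commit SHA it currently resolves to and keep the human-readable version in a trailing comment, so future reviews can still see what was intended.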
