Confirm MSDO Trivy distribution is unaffected by supply chain attack

[ekbaramundi]

On March 19, 2026, malicious Trivy versions 0.69.4–0.69.6 were published to Docker Hub and GitHub Releases (see aquasecurity/trivy#10425)

• Is the SecDevTools NuGet feed confirmed unaffected?
• Is the NuGet package built from verified source, or repackaged from GitHub Releases?
• Does MSDO have integrity checks that would prevent a compromised upstream binary from entering the feed?
• Environment: MSDO CLI 0.215.0, MicrosoftSecurityDevOps@1, Azure DevOps hosted agents (Windows)

[DimaBir]

Hi @ekbaramundi, thank you for raising this here as well. We've already addressed these questions in detail on the GitHub Action repository — the answer applies equally to both, since both microsoft/security-devops-action and MicrosoftSecurityDevOps@1 use the same MSDO CLI and resolve tools from the same Microsoft-managed NuGet feed.

TL;DR: MSDO users are confirmed unaffected, including Azure DevOps hosted agents.

Full breakdown with answers to each of your questions: microsoft/security-devops-action#227 (comment)

Additionally, our automated toolchain breach monitor independently confirmed the same finding with CVE/advisory details: microsoft/security-devops-action#229

Closing as duplicate of the action repo thread — please follow up there if you have further questions.