indicatordomain
scan[.]aquasecurtiy[.]org
- First seen
- 2026-05-13
- Last seen
- 2026-05-14
- Sightings
- 2
Posts referencing this indicator
- Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
Typosquatted exfiltration domain used in the upstream Trivy GitHub Action compromise.
- Trivy Supply Chain Attack Expands to Compromised Docker Images
Typosquatted C2 domain used by the TeamPCP infostealer for data exfiltration.