
The Trivy breach shows why control over your infrastructure isn’t optional

What Just Happened

In April 2026, security researchers discovered that Trivy, a widely used open source security scanner, had been compromised by attackers. The tool, which is embedded in thousands of organisations’ development pipelines, was quietly stealing API keys, cloud credentials, database passwords, and other sensitive information.

According to Google’s Mandiant consulting team, over 1,000 SaaS environments are currently dealing with the breach, with that number expected to grow into the thousands. The attackers are now collaborating with notorious extortion groups like Lapsus$, and security researchers are warning of a “dangerous convergence between supply chain attackers and high-profile extortion groups.”

The attack didn’t stop at Trivy. The same group also compromised LiteLLM, an AI middleware component present in over a third of all cloud environments. Anyone using these tools in their cloud infrastructure was unknowingly running malware.

The Supply Chain Problem

Modern cloud platforms are built on layers of third-party components: open source libraries, container images, scanning tools, middleware, and countless dependencies. Each one is a potential entry point for attackers.

When you use a typical cloud service—whether it’s a SaaS application or a public cloud platform—you’re trusting not just the provider, but every piece of software in their stack. If any one of those components is compromised, your data is at risk. You have no visibility into what’s running underneath your workloads, and no control over when or how those components are updated.

The Trivy attack is a textbook example. Thousands of organisations had this tool running in their environments, automatically scanning code and infrastructure. They trusted it because it was widely used and maintained by a reputable security company. But the attackers found a way in, and suddenly that trusted tool became the threat.

A Different Approach: Infrastructure You Control

Our CloudDESKTOP service takes a fundamentally different approach. Your virtual desktops and servers run as guest machines on Microsoft Hyper-V host servers that we own and operate. There’s no shared multi-tenant platform, no third-party container orchestration, and no sprawling dependency chain of open source components that could be compromised upstream.

Here’s what that means in practice:

We control the hardware. Your workloads run on physical servers we own, housed in UK data centres. We’re not reselling capacity from a hyperscaler or relying on infrastructure we don’t control.

We control the hypervisor. Microsoft Hyper-V is a mature, well-understood virtualisation platform. It’s not dependent on a chain of open source container tools, orchestration layers, and third-party middleware. We manage the Hyper-V hosts directly, and we decide what runs on them.

Your environment is isolated. Each customer’s virtual machines are separate from every other customer’s. There’s no shared runtime, no common container registry, and no situation where a compromised tool in someone else’s pipeline could affect your systems.

We control updates and changes. We’re not automatically pulling in the latest versions of dozens of open source dependencies. Changes to the underlying infrastructure are planned, tested, and implemented by our team—not pushed silently by upstream maintainers.

The Trade-Off

This approach does have trade-offs. We’re not offering the infinite scalability of a hyperscaler, and we’re not chasing the latest container-native features. What we offer instead is a straightforward, controlled environment where you know exactly what’s running your workloads—and, more importantly, what isn’t.

For many businesses, particularly those handling sensitive data or operating in regulated industries, that control is worth more than the flexibility of a more complex cloud architecture.

Questions to Ask Any Cloud Provider

If you’re evaluating cloud hosting options, the Trivy attack is a useful prompt to ask some pointed questions:

What third-party components are in your stack, and how do you vet them?

How quickly would you know if one of your upstream dependencies was compromised?

Do I share any infrastructure or tooling with other customers?

Who controls when updates are applied to the systems running my workloads?

The answers will tell you a lot about how much control you’re really giving up—and how exposed you might be to the next supply chain attack.


Last updated: March 2026