diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
index 80d0fa312d..9b7a574a14 100644
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -27,11 +27,12 @@ jobs:
       run: |
         make local
         make package-image
+        make tag-image-latest
 
     - name: Run Trivy vulnerability scanner
       uses: aquasecurity/trivy-action@0.24.0
       with:
-        image-ref: 'rancher/k3s'
+        image-ref: 'rancher/k3s:latest'
         format: 'table'
         severity: "HIGH,CRITICAL"
         output: "trivy-report.txt"
diff --git a/scripts/tag-image-latest b/scripts/tag-image-latest
new file mode 100755
index 0000000000..a462347e8a
--- /dev/null
+++ b/scripts/tag-image-latest
@@ -0,0 +1,15 @@
+#!/bin/bash
+set -e
+
+cd $(dirname $0)/..
+
+. ./scripts/version.sh
+
+TAG=${TAG:-${VERSION_TAG}${SUFFIX}}
+REPO=${REPO:-rancher}
+IMAGE_NAME=${IMAGE_NAME:-k3s}
+
+IMAGE=${REPO}/${IMAGE_NAME}:${TAG}
+LATEST=${REPO}/${IMAGE_NAME}:latest
+docker image tag ${IMAGE} ${LATEST}
+echo Tagged ${IMAGE} as ${LATEST}