Checkmarx Jenkins AST Plugin Compromised in TeamPCP Attack
TeamPCP compromised the Checkmarx Jenkins AST plugin on the Jenkins Marketplace. Defenders must revert to version 2.0.13 to secure CI/CD pipelines.
Checkmarx Supply Chain Attack: GitHub Data Exfiltration Confirmed
Checkmarx confirms data exfiltration from its GitHub environment following a malicious code publication. Learn about the TTPs and mitigation strategies.
GlassWorm Malware: Cloned Open VSX Extensions Target Developers
Over 70 malicious Open VSX extensions cloned from popular tools deliver GlassWorm malware, highlighting risks in developer-focused supply chain attacks.

Checkmarx GitHub Repository Data Leaked Following Supply Chain Attack
Checkmarx confirms internal GitHub repository data was published on the dark web following a March 2026 supply chain incident. Learn the impact and TTPs.
Compromised Checkmarx KICS: Supply Chain Attack on Developer Environments
A supply chain attack compromised Checkmarx KICS Docker images and extensions, exposing developer environments to sensitive data theft. Learn mitigation.
TeamPCP Supply Chain: Checkmarx Wider Scope & LiteLLM PyPI Compromise
An update on the TeamPCP supply chain campaign details wider Checkmarx impact, LiteLLM PyPI compromise, and a CISA KEV entry.