Checkmarx

Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack

Checkmarx, Jenkins, supply chain attack, Supply Chain Security, TeamPCP, Trivy /

Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack 2026-05-11 at 13:57 By Ionut Arghire A malicious version of the plugin was published to the Jenkins Marketplace late last week. The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack Read More »

Checkmarx Confirms Data Stolen in Supply Chain Attack

Checkmarx, data breach, Data Breaches, Lapsus$, supply chain attack, TeamPCP /

Checkmarx Confirms Data Stolen in Supply Chain Attack 2026-04-29 at 14:03 By Ionut Arghire The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code. The post Checkmarx Confirms Data Stolen in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Checkmarx Confirms Data Stolen in Supply Chain Attack Read More »

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks

Aikido Security, Aqua Security, Checkmarx, Don't miss, Hot stuff, Malware, News, open source, PyPI, Sonatype, supply chain attacks, supply chain compromise, Wiz /

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks 2026-03-25 at 14:01 By Zeljka Zorz A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in late 2025. The latest victim of the group is BerryAI’s popular

LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks Read More »

What 2024 taught us about security vulnerabilties

BitSight, Black Duck, Checkmarx, CISA, cybersecurity, FBI, Fortinet, NCSC, News, NSA, report, Skybox Security, survey, Tenable, Veracode, vulnerability /

What 2024 taught us about security vulnerabilties 2025-01-14 at 06:03 By Help Net Security From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical gaps in organizational defenses. This roundup showcases the standout findings from 2024’s cybersecurity reports, highlighting critical risks and

What 2024 taught us about security vulnerabilties Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

Checkmarx, cryptojacking, data theft, Datadog, Don't miss, GitHub, Hot stuff, News, phishing, WordPress /

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »

Malware Upload Attack Hits PyPI Repository

Checkmarx, Malware & Threats, PyPI, Supply Chain Security /

Malware Upload Attack Hits PyPI Repository 2024-03-28 at 20:31 By Ryan Naraine Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload campaign. The post Malware Upload Attack Hits PyPI Repository appeared first on SecurityWeek. This article is an excerpt from

Malware Upload Attack Hits PyPI Repository Read More »

Organizations are knowingly releasing vulnerable applications

Application Security, Checkmarx, CISO, cybersecurity, News, report, software development, survey /

Organizations are knowingly releasing vulnerable applications 2024-03-05 at 06:18 By Help Net Security 92% of companies had experienced a breach in the prior year due to vulnerabilities of applications developed in-house, according to Checkmarx. AppSec managers and developers share application security duties In recent years the responsibility for application security has shifted away from dedicated

Organizations are knowingly releasing vulnerable applications Read More »

Scroll to Top