"Checkmarx stated that the investigation remains ongoing, and they are working to verify the nature and scope of the data. Current evidence suggests that this data originated from Checkmarx's GitHub repository, and that access to that repository was facilitated through the initial supply chain attack of March 23, 2026."
"Lapsus$ data thieves added Checkmarx to the list of victims on its leak site, claiming to have dumped sensitive information including source code, API keys, MongoDB and MySQL login credentials, and employee details."
"The initial attack occurred on March 23, when TeamPCP used CI/CD secrets stolen from Trivy, which they initially compromised in late February, injecting credential-stealing malware into the scanner."
Checkmarx confirmed that its GitHub repository was breached, resulting in the exposure of sensitive data by the Lapsus$ group. The company is investigating the incident, which is linked to a supply chain attack from March 23, 2026. They have secured the affected repository and will inform customers if any of their information was compromised. The breach follows an earlier attack on Trivy, where TeamPCP injected malware to steal developer secrets and credentials, facilitating the subsequent attack on Checkmarx.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]