Security firm Checkmarx suffered a series of supply-chain attacks over 40 days. It began with the compromise of the Trivy vulnerability scanner on March 19, which pushed credential-stealing malware to Checkmarx. Days later, Checkmarx's own GitHub account was breached and used to distribute malware to its customers. A second wave of malicious packages appeared on April 22 via both GitHub and Docker Hub, suggesting the initial remediation was incomplete. The ransomware group Lapsu$ then dumped private Checkmarx data on the dark web, with timestamps indicating persistent access since at least March 30 despite the company's containment efforts.
Sort: