A malicious version of the plugin was published to the Jenkins Marketplace late last week.

The post Checkmarx Jenkins AST Plugin Compromised in Supply Chain Attack appeared first on SecurityWeek.

The hackers exfiltrated the data from Checkmarx’s GitHub environment on March 30, a week after publishing malicious code.

The post Checkmarx Confirms Data Stolen in Supply Chain Attack appeared first on SecurityWeek.