Threat Digest

Screenshot of a server room with glowing red lights indicating a security breach.

Checkmarx Jenkins Plugin Hijacked [Infostealer Attack]

Just when you thought CI/CD pipelines were safe, Checkmarx’s Jenkins plugin gets roped into a supply-chain attack. TeamPCP strikes again.

5 min read 1 week, 4 days ago

Abstract representation of code flowing through a compromised network, with a padlock symbol indicating a security breach.

Vulnerabilities & CVEs

TeamPCP Hits Checkmarx Again: The Supply Chain Trust Game

Just weeks after a supply chain attack that snaked through Bitwarden, TeamPCP is back, this time hijacking Checkmarx's own Jenkins plugin. It’s deja vu, and not the fun kind.

5 min read 1 week, 5 days ago

#jenkins

Checkmarx Jenkins Plugin Hijacked [Infostealer Attack]

TeamPCP Hits Checkmarx Again: The Supply Chain Trust Game