1. Checkmarx Jenkins Plugin Sabotaged: Malicious Version Detected in Supply Chain Attack
Checkmarx disclosed a supply chain compromise targeting its Jenkins plugin, warning customers that an unauthorized version of its AST Scanner was uploaded to the Jenkins Marketplace over the weekend. The company confirmed the breach in a customer advisory on Saturday, May 9, stating it was actively working to remove th...