This page collects WhisperX intelligence signals tagged #Checkmarx. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A compromised version of the Checkmarx Jenkins AST Plugin was published to the Jenkins Marketplace late last week, security researchers confirmed. The incident marks another addition to a growing list of supply chain attacks targeting open-source development ecosystems and software build pipelines. While details about ...
Checkmarx has confirmed a supply chain compromise targeting its Jenkins AST plugin, with a malicious version successfully published to the Jenkins Marketplace by an actor identified as TeamPCP. The incident follows a separate supply chain attack on Checkmarx's KICS (Keeping Infrastructure as Code Secure) tool just week...