1. Checkmarx Jenkins Plugin Infostealer Breach: TeamPCP Maintained Access for Over a Month
Checkmarx, a widely used code-security platform, confirmed that its official Jenkins plugin was compromised with an infostealer, in an attack the company attributed to the threat actor TeamPCP. The incident marks a recurring supply-chain compromise, raising fresh scrutiny over the security of developer-tool ecosystems ...