This page collects WhisperX intelligence signals tagged #jenkins. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A compromised version of the Checkmarx Jenkins AST Plugin was published to the Jenkins Marketplace late last week, security researchers confirmed. The incident marks another addition to a growing list of supply chain attacks targeting open-source development ecosystems and software build pipelines. While details about ...
Checkmarx has confirmed a supply chain compromise targeting its Jenkins AST plugin, with a malicious version successfully published to the Jenkins Marketplace by an actor identified as TeamPCP. The incident follows a separate supply chain attack on Checkmarx's KICS (Keeping Infrastructure as Code Secure) tool just week...
Checkmarx has confirmed that a malicious version of its Jenkins Application Security Testing (AST) plugin was published on the official Jenkins Marketplace, exposing software developers who downloaded the rogue package to infostealer malware. The company issued a warning over the weekend after identifying the fraudulen...
Checkmarx, a widely used code-security platform, confirmed that its official Jenkins plugin was compromised with an infostealer, in an attack the company attributed to the threat actor TeamPCP. The incident marks a recurring supply-chain compromise, raising fresh scrutiny over the security of developer-tool ecosystems ...