1. Malicious Checkmarx Jenkins Plugin Published to Jenkins Marketplace in Supply Chain Attack
A compromised version of the Checkmarx Jenkins AST Plugin was published to the Jenkins Marketplace late last week, security researchers confirmed. The incident marks another addition to a growing list of supply chain attacks targeting open-source development ecosystems and software build pipelines. While details about ...