1. Checkmarx Jenkins Plugin Sabotaged Again — Malicious Version Hits Marketplace After TeamPCP Intrusion
Checkmarx is battling a second supply-chain breach after detecting a compromised version of its Jenkins AST security plugin uploaded to the Jenkins Marketplace. The incident, discovered over the weekend of May 9, 2026, follows an earlier intrusion attributed to the TeamPCP threat group, raising fresh concerns about the...