Checkmarx has confirmed that a cybercriminal group has leaked data from its GitHub repository on the dark web following a security incident on March 23, 2026. The breach has raised significant concerns regarding supply chain security and data integrity.

Checkmarx’s ongoing investigation into a recent breach has led to the discovery that sensitive data was published on the dark web by a cybercriminal group. The Israeli security firm indicated that the data likely originated from its GitHub repository, which was compromised during a supply chain attack on March 23, 2026. The company reassured stakeholders that the affected repository is maintained separately from its customer production environment and does not store customer data.

The Dark Web Informer reported that the LAPSUS$ cybercrime group has claimed three victims, including Checkmarx. The leaked data includes source code, an employee database, API keys, and MongoDB/MySQL credentials. Checkmarx has implemented measures to secure the affected repository and is actively verifying the scope and nature of the leaked information.

As part of its incident response, Checkmarx has restricted access to the impacted GitHub repository. The company is committed to transparency and has stated it will notify customers without delay should any customer information be found to be involved in this incident. The breach followed an earlier attack, known as the Trivy supply chain attack, which compromised various GitHub Actions workflows and plugins, enabling the deployment of credential-stealing malware.

In the wake of these events, Checkmarx has reaffirmed its dedication to securing its development environment and the integrity of its services. The breach was exacerbated by the actions of criminals believed to be associated with the TeamPCP threat group, which is suspected of tampering with additional repositories and a Docker image.

The situation underscores the importance of supply chain security in the technology sector, particularly for companies that manage sensitive development resources. Addressing the vulnerabilities that led to this incident will be crucial in restoring stakeholder confidence and preventing future attacks.

In conclusion, the Checkmarx incident serves as a stark reminder of the evolving threats in cybersecurity and the imperative for stringent protective measures. Companies must remain vigilant and proactive in securing their digital assets.


Source: Hacker-News
