"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
-
"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."
oh dear
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
BleepingComputer (www.bleepingcomputer.com)
-
"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."
oh dear
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
BleepingComputer (www.bleepingcomputer.com)
The 'new' lapsus$ portal is https://lapsus.by - they're operating in clear web. I've written to the TLD to see if they want to yeet them.
-
"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."
oh dear
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
BleepingComputer (www.bleepingcomputer.com)
@GossiTheDog im begining to think i should never download anything again
-
R relay@relay.infosec.exchange shared this topic
-
"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."
oh dear
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
BleepingComputer (www.bleepingcomputer.com)
@GossiTheDog I'm glad I disabled KICS at our company after the initial Trivy breach. Had a hunch this would happen.
-
"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.
On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."
oh dear
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.
BleepingComputer (www.bleepingcomputer.com)
@GossiTheDog onion headline: the company would like the press to make note of. They are a SECURITY company and NOT a repo security company.
-
The 'new' lapsus$ portal is https://lapsus.by - they're operating in clear web. I've written to the TLD to see if they want to yeet them.
@GossiTheDog Belarus, good luck…
