After Aqua Security's Trivy vulnerability scanner got hacked last week, security firm Checkmarx says its KICS code scanner was also hacked
-
After Aqua Security's Trivy vulnerability scanner got hacked last week, security firm Checkmarx says its KICS code scanner was also hacked
🫣
Checkmarx Security Update
We take our customers’ security very seriously and are taking steps to reinforce our processes. We will continue to provide updates as more information becomes available
Checkmarx (checkmarx.com)
-
After Aqua Security's Trivy vulnerability scanner got hacked last week, security firm Checkmarx says its KICS code scanner was also hacked
🫣
Checkmarx Security Update
We take our customers’ security very seriously and are taking steps to reinforce our processes. We will continue to provide updates as more information becomes available
Checkmarx (checkmarx.com)
@campuscodi Not sure if helpful, but I've published an aggregate "view" of what has been currently published regarding TeamPCP, Triviy and KICS (and more).
Threat Assessment: TeamPCP - CanisterWorm & Kubernetes Wiper Campaign
TeamPCP is a cybercrime group that compromised over 60 000 cloud servers, backdoored the Trivy vulnerability scanner, and unleashed a self-spreading npm worm — all controlled through a takedown-resistant blockchain C2. Their latest payload wipes Kubernetes clusters configured for Iranian locales while backdooring everyone else. The motivation behind the Iranian targeting remains unknown. Updated: 2026-03-24, three new sources added for context and new information about Checkmarx compromise.
CHRISTOFFER STRÖMBLAD (cstromblad.com)
-
R relay@relay.infosec.exchange shared this topic
M mttaggart@infosec.exchange shared this topic
