<![CDATA["As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.]]>"As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains.

On April 22, as a result of their renewed access or month-long persistence, the attacker published malicious Docker images, VSCode and Open VSX extensions for Checkmarx’s KICS security scanner, which stole credentials, keys, tokens, and config files."

oh dear

https://www.bleepingcomputer.com/news/security/checkmarx-confirms-lapsus-hackers-leaked-its-stolen-github-data/

]]>https://board.circlewithadot.net/topic/ef4edfa1-cbc6-4f56-a727-23c66eccb82a/as-a-result-of-that-access-the-attackers-were-able-to-interact-with-checkmarx-s-github-environment-and-subsequently-publish-malicious-code-to-certain-artifacts-the-company-explains.RSS for NodeFri, 15 May 2026 01:51:06 GMTTue, 28 Apr 2026 15:03:18 GMT60<![CDATA[Reply to "As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains. on Tue, 28 Apr 2026 20:11:22 GMT]]>@GossiTheDog Belarus, good luck…

]]>https://board.circlewithadot.net/post/https://mastodon.nl/users/mkoek/statuses/116484150557745945https://board.circlewithadot.net/post/https://mastodon.nl/users/mkoek/statuses/116484150557745945Tue, 28 Apr 2026 20:11:22 GMT<![CDATA[Reply to "As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains. on Tue, 28 Apr 2026 18:52:02 GMT]]>@GossiTheDog onion headline: the company would like the press to make note of. They are a SECURITY company and NOT a repo security company.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/rtificial/statuses/116483838583250965https://board.circlewithadot.net/post/https://infosec.exchange/users/rtificial/statuses/116483838583250965Tue, 28 Apr 2026 18:52:02 GMT<![CDATA[Reply to "As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains. on Tue, 28 Apr 2026 18:24:24 GMT]]>@GossiTheDog I'm glad I disabled KICS at our company after the initial Trivy breach. Had a hunch this would happen.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/thepwnicorn/statuses/116483729961744654https://board.circlewithadot.net/post/https://infosec.exchange/users/thepwnicorn/statuses/116483729961744654Tue, 28 Apr 2026 18:24:24 GMT<![CDATA[Reply to "As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains. on Tue, 28 Apr 2026 16:02:46 GMT]]>@GossiTheDog im begining to think i should never download anything again

]]>https://board.circlewithadot.net/post/https://mas.to/users/aliengasmask/statuses/116483173039937673https://board.circlewithadot.net/post/https://mas.to/users/aliengasmask/statuses/116483173039937673Tue, 28 Apr 2026 16:02:46 GMT<![CDATA[Reply to "As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts," the company explains. on Tue, 28 Apr 2026 15:06:32 GMT]]>The 'new' lapsus$ portal is https://lapsus.by - they're operating in clear web. I've written to the TLD to see if they want to yeet them.

]]>https://board.circlewithadot.net/post/https://cyberplace.social/users/GossiTheDog/statuses/116482951888588169https://board.circlewithadot.net/post/https://cyberplace.social/users/GossiTheDog/statuses/116482951888588169Tue, 28 Apr 2026 15:06:32 GMT