Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...
Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
Software security testing outfit Checkmarx has become the latest organization caught up in an ongoing attack on security-tool providers. The biz said data posted online appears to have come from one ...
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub ...
Between April 21 and 23, 2026, three coordinated supply chain campaigns targeted npm, PyPI, and Docker Hub, aiming to steal developer and CI/CD credentials. The incidents included a trojanized ...
Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...
If you’re deploying containers based on insecure images, the chances of your apps and services being secure is dramatically reduced. To that end, you should be doing everything you can to make sure ...
When we talk about secret sprawl, we immediately think about API keys, passwords, credentials or any secret lurking in some source code. For sure, source code is very tightly linked to secret sprawl.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results