Checkmarx Data Leak Linked to Supply-Chain Attack by TeamPCP

Checkmarx Data Leak Linked to Supply-Chain Attack by TeamPCP

First seen 28 Apr 2026, 02:35 UTC ThehackernewsForo3DTheregisterramp.comGbhackers+6 89% similarity 71.0

Article Content

Browse articles
ThreatCluster

Checkmarx, a software security firm, is investigating a significant data leak after its GitHub repository was compromised in a supply-chain attack on March 23, 2026. The attack, attributed to the TeamPCP cybercrime group, involved the injection of credential-stealing malware into Checkmarx's KICS tool, which allowed unauthorized access to sensitive company data. The leaked information includes source code, API keys, and employee details, posing a risk to client projects. Checkmarx has locked down the affected repository and is working to assess the scope of the breach. The incident highlights vulnerabilities in DevOps environments where third-party integrations can expose sensitive credentials. The attackers initially compromised Trivy, an open-source vulnerability scanner, to gain access to Checkmarx's systems. As of April 27, 2026, Checkmarx has not confirmed the full extent of the data leak but is expected to provide updates soon.

Key Points: • Checkmarx's GitHub repository was compromised in a supply-chain attack on March 23, 2026. • The attack was executed by the TeamPCP group, utilizing malware injected into the KICS tool. • Sensitive data leaked includes source code, API keys, and employee information.

ThreatCluster AI

Timeline

2026-02-28
TeamPCP compromised Trivy, an open-source vulnerability scanner.
2026-03-16
Credential-stealing malware injected into Trivy.
2026-03-23
Supply-chain attack on Checkmarx's GitHub repository.
2026-04-27
Checkmarx confirms data leak and ongoing investigation.

Community

Browse all →