Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack
好的,我现在需要帮用户总结这篇文章的内容,控制在100个字以内。首先,我得通读全文,抓住主要信息。 文章讲的是Checkmarx公司遭遇了一次供应链安全事件。他们发现一个网络犯罪团伙在暗网上发布了与公司相关的数据。这些数据来自他们的GitHub仓库,而这个仓库是在3月23日的供应链攻击中被入侵的。Checkmarx强调这个仓库和客户的生产环境是分开的,客户数据没有存储在那里。他们正在调查中,并锁定了受影响的仓库。如果发现客户信息受到影响,他们会立即通知相关方。 此外,文章提到LAPSUS$团伙声称入侵了Checkmarx,并泄露了源代码、员工数据库、API密钥等信息。这次攻击还影响了其他软件包,比如Bitwarden CLI npm包。 现在我要把这些信息浓缩到100字以内,重点包括事件的时间、原因、受影响的数据类型以及公司的应对措施。 可能的结构是:Checkmarx因供应链攻击导致GitHub数据泄露,涉及源代码和员工信息等,公司正在调查并采取措施防止进一步影响。 这样既涵盖了主要事件,又控制了字数。 </think> Checkmarx遭遇供应链攻击后,其GitHub仓库数据被泄露至暗网,包含源代码、员工数据库等敏感信息。公司正调查事件并锁定受影响仓库以防止进一步影响。 2026-4-27 14:19:0 Author: thehackernews.com(查看原文) 阅读量:20 收藏

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web.

"Based on current evidence, we believe this data originated from Checkmarx's GitHub repository, and that access to that repository was facilitated through the initial supply chain attack of March 23, 2026," the Israeli security company said.

It also emphasized that the GitHub repository is maintained separately from its customer production environment, adding that no customer data is stored in the repository. Checkmarx said its forensic probe into the incident is ongoing and that it's actively working to verify the nature and scope of the posted data.

Furthermore, the company said it has locked down access to the affected GitHub repository as part of its incident response efforts.

"If we determine that customer information was involved in this incident, we will notify customers and all relevant parties immediately," it said.

The development comes after the Dark Web Informer shared in an X post that the LAPSUS$ cybercrime group claimed three victims on its data leak site, one of which includes Checkmarx. The data, per the listing, contains source code, employee database, API keys, and MongoDB/MySQL credentials.

Checkmarx suffered a breach late last month following the Trivy supply chain attack, as a result of which two of its GitHub Actions workflows and two plugins distributed via the Open VSX marketplace were tampered with to push a credential stealer capable of harvesting a wide range of developer secrets. The threat actor known as TeamPCP claimed responsibility for the attack.

Last week, the financially motivated group is suspected to have compromised Checkmarx's KICS Docker image, along with the two VS Code extensions and a GitHub Actions workflow with a similar credential-stealing malware. This, in turn, had a cascading impact, leading to a brief compromise of the Bitwarden CLI npm package.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.


文章来源: https://thehackernews.com/2026/04/checkmarx-confirms-github-repository.html
如有侵权请联系:admin#unsafe.sh