CheckMarx admits it was hit by major cyberattack that saw data leaked onto Dark Web
CheckMarx has confirmed it suffered a data breach following a March 2026 supply chain attack that led to stolen data being posted on the dark web. The compromised information originated from its GitHub repository, accessed via a prior breach of the open-source tool Trivy. The company is investigating claims that source code, API keys, and employee details were exfiltrated. CheckMarx has restricted access to the affected repository and will notify users if personal data was compromised.
- ▪CheckMarx confirmed a data breach after its data appeared on the dark web in April 2026.
- ▪The breach stemmed from a March 23, 2026, supply chain attack on Trivy, which allowed attackers to access CheckMarx's GitHub repository.
- ▪Stolen data reportedly includes source code, API keys, MongoDB and MySQL credentials, and employee information.
- ▪The threat actor Lapsus$ claimed responsibility and published the stolen CheckMarx data online.
- ▪CheckMarx has blocked access to the compromised repository and is continuing its investigation.
Opening excerpt (first ~120 words) tap to expand
Pro Security CheckMarx admits it was hit by major cyberattack that saw data leaked onto Dark Web News By Sead Fadilpašić published 28 April 2026 March 2026 attack did result in CheckMarx data theft When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. OpenVPN-protokollet - därför är det så bra (Image credit: Shutterstock) Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter CheckMarx confirms breach tied to a recent supply chain attackStolen data originated from its GitHub repository, with investigations still ongoingThreat actors later claimed to have exfiltrated source code and sensitive…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechRadar.
Discussion
0 commentsMore from TechRadar
