Checkmarx Confirms GitHub Data Leak After March 23 Supply Chain Attack
Checkmarx confirmed a cybercriminal group published GitHub repository data on the dark web, traced to a March 23 supply chain attack.

Executive Summary
Checkmarx, an application security testing provider, confirmed in a company disclosure that a cybercriminal group published data from its GitHub repository on the dark web. The leaked data, which includes source code and internal documents, originated from a supply chain attack that occurred on March 23, 2026. The company stated that its investigation is ongoing and that no customer data has been confirmed compromised at this time.
Technical Analysis
The initial breach vector was a supply chain attack on March 23, 2026, which provided the threat actors with access to Checkmarx's GitHub repository. Checkmarx's investigation revealed that the attackers exfiltrated repository data and subsequently published it on dark web forums. The company has not disclosed the specific method of the initial compromise, but supply chain attacks often involve compromised credentials, third-party dependencies, or CI/CD pipeline vulnerabilities. The published data includes proprietary source code and internal documentation, which could be used by adversaries to identify vulnerabilities in Checkmarx's products or to craft targeted attacks against its customers.
Checkmarx has not yet identified the threat actor group responsible, and no ransom demand or extortion note has been publicly reported. The company is working with law enforcement and external incident response teams to determine the full scope of the breach.
Mitigations & Recommendations
Organizations using Checkmarx products should monitor the company's official channels for updates on the investigation and any security advisories. While Checkmarx stated that no customer data has been confirmed compromised, users should review their own access logs and credentials for any signs of unauthorized activity. Defenders should also consider rotating any API keys or tokens that may have been stored in Checkmarx's GitHub repositories. Given the nature of supply chain attacks, companies should audit their own third-party dependencies and CI/CD pipelines for similar risks.

