- Checkmarx confirms stolen data from its GitHub repository was published on the dark web.
- The company states no customer data was stored in the compromised repository.
- The breach originated from a recent supply chain attack affecting its development tools.

Israeli security firm Checkmarx confirmed on April 27, 2026, that cybercriminals have published company data stolen from its GitHub repository on the dark web, according to its own investigation update. The incident was initially triggered by a supply chain attack on March 23, 2026, which compromised several of its development tools and workflows.

Checkmarx emphasized that the breached repository is separate from its customer production environment. Consequently, it stated that no customer data was stored there, though the forensic probe to verify the scope of the published data remains ongoing. The company has locked down access to the affected repository and pledged to notify customers immediately if their information was involved.

The disclosure follows a report by the Dark Web Informer, which reported that the LAPSUS$ group had listed Checkmarx as a victim, claiming the data included source code, employee databases, and credentials. The breach itself stemmed from the earlier Trivy supply chain attack, which tampered with GitHub Actions workflows and VS Code extensions to push credential-stealing malware.
