TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

The cybercrime group TeamPCP compromised the Checkmarx Jenkins AST plugin by exploiting credentials obtained from a previous supply chain attack. Checkmarx has since released a patched version of the plugin to address the malicious code and mitigate the security breach.