Ongoing supply-chain attack 'explicitly targeting' security, dev tools

Summary

Software security firm Checkmarx has confirmed that data exposed online appears to originate from one of its GitHub repositories. The confirmation follows claims by the Lapsus$ extortion group that it had dumped the company's source code, secrets, and other sensitive information.

IFF Assessment

FOE

This is bad news for defenders as it indicates a successful compromise of a security vendor, potentially leading to further attacks through compromised tools.

Defender Context

This ongoing supply-chain attack targeting security and development tools highlights the critical need for robust security measures within software vendors themselves. Defenders should be vigilant about potential compromises of the tools they rely on and ensure their own development pipelines have strong security checks in place.
