Unidentified adversaries have subverted the Checkmarx plugin for Jenkins, embedding deleterious code designed for credential exfiltration. This incursion represents the latest installment in a persistent series of software supply chain attacks orchestrated by the...
Trajan: CI/CD Security Scanner Trajan scans CI/CD pipelines for security vulnerabilities that attackers use to compromise software supply chains. It supports GitHub Actions, GitLab CI, Azure DevOps, Jenkins, and JFrog. What it does Trajan...
Numerous publicly available Proof-of-Concept (PoC) exploits for a critical vulnerability in Jenkins, which allow an unauthenticated attacker to read arbitrary files, have emerged, and cyber criminals are already actively leveraging these flaws in their...
