Threat Digest

Screenshot of a server room with glowing red lights indicating a security breach.

Checkmarx Jenkins Plugin Hijacked [Infostealer Attack]

Just when you thought CI/CD pipelines were safe, Checkmarx’s Jenkins plugin gets roped into a supply-chain attack. TeamPCP strikes again.

5 min read 1 week, 4 days ago

A diagram comparing chaotic manual security detection processes with a structured code-based approach.

Security Tools

Security Detections: From Chaos to Code [Rapid7's Approach]

For years, software development has had discipline. Security detection? Not so much. Rapid7 is trying to fix that with 'Detection as Code,' a move that’s long overdue.

7 min read 2 weeks ago

Malicious Axios npm package details with RAT indicators on screen

Compliance & Policy

Axios npm Poisoning: Hackers Hijack Your Dev Secrets via 100M Downloads

One npm install, and boom—your cloud keys are en route to a hacker's server. Axios, the unsung hero of JS networking, just got turned into a trojan horse.

4 min read 1 month, 2 weeks ago

#devsecops

Checkmarx Jenkins Plugin Hijacked [Infostealer Attack]

Security Detections: From Chaos to Code [Rapid7's Approach]

Axios npm Poisoning: Hackers Hijack Your Dev Secrets via 100M Downloads