Checkmarx Confirms LAPSUS$ Hackers Leaked Its Stolen GitHub Data


What happened

Application security company Checkmarx has confirmed that the LAPSUS$ extortion group published data stolen from its private GitHub repository, with 96 gigabytes of data made available through both dark web portals and clearnet sites.

Checkmarx’s investigation, conducted with a third-party forensic firm, traces the breach to the Trivy supply chain attack attributed to TeamPCP in March 2026. Credentials stolen from downstream users of the compromised Trivy vulnerability scanner were used to access Checkmarx’s GitHub repositories on March 23, where the attackers published malicious code into certain artifacts. The attacker either retained that access or regained it by April 22, when malicious Docker images and VS Code and Open VSX extensions for Checkmarx’s KICS security scanner were published; these were designed to steal credentials, keys, tokens, and configuration files from the machines that ran them. The April incident was initially covered as a separate supply chain breach, before its connection to the March compromise was established.

Checkmarx confirmed that the LAPSUS$ publication contains data originating from the March 23 GitHub compromise. The company stated the leaked data does not contain customer information, as customer data is not stored in the affected GitHub repository, but has not yet confirmed what the 96 gigabyte package does contain. A forensic investigation is ongoing. Access to the affected repository has been blocked pending completion of that investigation, and Checkmarx has committed to notifying affected individuals immediately if customer data is found in the leaked material.

Who is affected

Checkmarx has stated that customer data is not stored in the compromised GitHub repository, but the forensic investigation is still active and the full contents of the leaked package have not been confirmed. Developers and organizations that used Checkmarx’s KICS scanner, the compromised VS Code extensions, or any artifacts from the affected GitHub environment during the exposure window remain at risk of credential exposure from the April supply chain phase of the attack.

Why CISOs should care

The Checkmarx incident now spans two months, two distinct attack phases, and two separate threat actor groups operating from the same initial access point. TeamPCP’s Trivy supply chain attack in March provided credentials that enabled the GitHub compromise. Those credentials enabled the April KICS Docker and extension compromise. LAPSUS$ then obtained and published the stolen data. That chain illustrates how a single upstream supply chain breach can produce downstream consequences that compound over time and involve multiple threat actors exploiting the same access.

For security leaders, the more important question is not whether Checkmarx’s customer data is in the leaked package. It is whether credentials or artifacts from Checkmarx’s compromised environment exist in their own developer infrastructure, and whether those have been rotated since the March incident.

3 practical actions

Rotate any credentials, tokens, or API keys associated with Checkmarx tools or GitHub Actions workflows that may have been exposed during the March or April compromise windows: The attack chain specifically targeted credentials from downstream users of compromised tools, and the April KICS images and extensions were built to collect keys, tokens, and configuration files from wherever they ran. That means any secret that was present in the environment of a CI run or developer workstation that executed those artifacts, not only the credentials used to talk to Checkmarx itself. Do not wait for Checkmarx’s forensic findings to complete before treating potentially exposed credentials as compromised.

Audit your organization’s dependency on Checkmarx artifacts, GitHub Actions, and KICS infrastructure for the affected period: Identify whether your CI/CD pipelines pulled any Checkmarx-related artifacts between March 23 and April 22, including KICS Docker images and the VS Code or Open VSX extensions installed on developer machines, and assess whether those pulls could have introduced malicious code or exposed environment credentials to the attacker’s collection infrastructure. Mutable references (a `latest` image tag, an action pinned to a version tag rather than a commit SHA) are the ones most worth checking, because they can resolve to a different artifact from one run to the next.

Treat the Trivy-Checkmarx-LAPSUS$ chain as a case study for supply chain dependency risk in your own environment: A single compromised open-source security tool produced a credential exposure that cascaded through a major application security vendor and into a LAPSUS$ data leak. Map your own critical toolchain dependencies and assess what a single upstream compromise could reach in your environment.
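As an added example of how the second and third actions can be started in practice, the following Python script is not from Checkmarx or from the original article. It scans a GitHub Actions workflow for references to Checkmarx or KICS artifacts, reports whether each reference is immutably pinned (a 40-character commit SHA for an action, a sha256 digest for an image), and then checks constructed CI log lines for runs that pulled such an artifact inside the March 23 to April 22 exposure window stated above. The workflow text, the log line format, the run ids and the placeholder SHA and digest are all constructed for the example; a real audit would feed it the repository’s `.github/workflows/*.yml` files and the organization’s actual CI logs, and the name patterns would be extended to whatever other upstream tools the team depends on.

```python
import re
from datetime import date, datetime
from typing import Dict, List

# Exposure window from the article: March 23 to April 22, 2026 (inclusive).
WINDOW_START = date(2026, 3, 23)
WINDOW_END = date(2026, 4, 22)

# Vendor/tool names taken from the article. Any `uses:`, `image:` or `run:`
# line mentioning them is flagged for manual review.
VENDOR_RE = re.compile(r"checkmarx|kics", re.IGNORECASE)

# Pinning checks: an action pinned to a full 40-hex commit SHA, or an image
# pinned to a sha256 digest, cannot silently resolve to a different artifact.
ACTION_SHA_RE = re.compile(r"@[0-9a-f]{40}\b")
IMAGE_DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}\b")

# Matches the workflow lines we care about: `- uses: ...`, `image: ...`, `- run: ...`.
LINE_RE = re.compile(r"^\s*-?\s*(uses|image|run):\s*(.+)$")

# Constructed sample workflow (not a real repository's file). The 40-hex SHA
# and the all-'a' digest are placeholders, not real commits or images.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    container:
      image: checkmarx/kics:latest
    steps:
      - uses: actions/checkout@v4
      - uses: checkmarx/kics-github-action@v1.7.0
      - uses: checkmarx/kics-github-action@0123456789abcdef0123456789abcdef01234567
      - run: docker run --rm checkmarx/kics@sha256:{digest} scan -p .
""".format(digest="a" * 64)


def find_vendor_references(workflow_text: str) -> List[Dict]:
    """Return every workflow line that references the vendor's tools,
    with the line number, the kind of reference and whether it is pinned."""
    hits: List[Dict] = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = LINE_RE.match(line)
        if not m:
            continue
        kind, value = m.group(1), m.group(2).strip()
        if not VENDOR_RE.search(value):
            continue
        if kind == "uses":
            pinned = bool(ACTION_SHA_RE.search(value))
        else:  # `image:` lines and `docker run` inside `run:` lines
            pinned = bool(IMAGE_DIGEST_RE.search(value))
        hits.append({"line": lineno, "kind": kind, "ref": value, "pinned": pinned})
    return hits


# Constructed CI log lines for the example: timestamp, run id, pulled artifact.
SAMPLE_RUN_LOG = [
    "2026-03-20T10:00:00Z run=101 pull checkmarx/kics:latest",
    "2026-03-25T12:30:00Z run=102 pull checkmarx/kics:latest",
    "2026-04-22T23:59:00Z run=103 pull checkmarx/kics-github-action@v1.7.0",
    "2026-04-23T00:10:00Z run=104 pull checkmarx/kics:latest",
    "2026-04-01T08:00:00Z run=105 pull actions/checkout@v4",
]
RUN_LOG_RE = re.compile(r"^(\S+) run=(\d+) pull (\S+)$")


def runs_in_exposure_window(log_lines: List[str]) -> List[int]:
    """Run ids that pulled a vendor artifact inside the exposure window.
    Secrets present in those runs' environments are the rotation candidates."""
    flagged: List[int] = []
    for line in log_lines:
        m = RUN_LOG_RE.match(line)
        if not m:
            continue
        ts, run_id, artifact = m.groups()
        when = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").date()
        if VENDOR_RE.search(artifact) and WINDOW_START <= when <= WINDOW_END:
            flagged.append(int(run_id))
    return flagged


if __name__ == "__main__":
    for hit in find_vendor_references(SAMPLE_WORKFLOW):
        status = "pinned" if hit["pinned"] else "UNPINNED - review"
        print(f"line {hit['line']:>3} {hit['kind']:<5} {status}: {hit['ref']}")
    print("runs to investigate:", runs_in_exposure_window(SAMPLE_RUN_LOG))
```

The unpinned references are the ones to chase first: a `latest` tag or a version tag can be re-pointed by whoever controls the upstream repository or registry, which is exactly the lever the April phase of this attack used. Runs flagged by the log check are where the rotation list for the first action comes from: every secret injected into those runs as an environment variable or mounted file should be treated as collected.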
