Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
By Dan Goodin
Published on April 29, 2026.
Security firm Checkmarx has been targeted twice in the past year, with a recent supply-chain attack on Trivy. The attackers used their access to push malware to customers, including one of the security firm's users. Four days later, the company's GitHub account was compromised and the attackers began pushing malware. Despite efforts to remove them from the account, this new attack appears to have occurred.
Related Articles
John Ternus' first major challenge is dealing with quadrupled iPhone memory prices
John Ternus, Apple's next CEO, faces challenges with quadrupled iPhone memory prices and global manufacturing demands, including maintaining U.S production and China exports.
Exclusive: Val Kilmer’s Daughter Speaks out on AI Recreation
Mercedes Kilmer's daughter discusses the positive and negative reactions to using generative AI, or "Ethic" as it is better known, as she describes it, in her first interview since her death.
PayPal says AI shopping agents are creating an invisible storefront economy
PayPal.com believes AI agents are transforming agentic commerce into an invisible storefront economy, yet most merchants lack basic infrastructure to support them.