Checkmarx Confirmed on May 11 a Malicious Version of Its Jenkins AST Plugin Was Published to the Jenkins Marketplace. Third TeamPCP Compromise of Checkmarx in Three Months. CVE-2026-33634, CVSS 9.4.Atarus Security TeamMay 130 min read
We get past MFA on most engagements, and we almost never break it. Here is how, and what actually stops us.
Researchers caught a low-skilled attacker using AI agents to breach 14 companies. The uncomfortable part is that the AI mostly weaponized bugs you already have a patch for.
Five days, ten exploited bugs, almost none of them touched a core app. A week attackers spent walking in through everything else.
Comments