Checkmarx Confirms GitHub Repository Data Leaked and Published on Dark Web

Application security firm Checkmarx has confirmed that data from an internal GitHub repository has been leaked on the dark web following a recent security incident.

The disclosure was made on April 27, 2026, by Udi-Yehuda Tamar, VP of Platform Engineering and Global CISO at Checkmarx.

According to the company, the breach is linked to a previously disclosed supply chain attack that occurred on March 23, 2026.

Threat actors are believed to have leveraged this earlier compromise to gain unauthorized access to internal development resources, ultimately leading to the publication of repository data weeks later.

This incident underscores the long-tail risks associated with supply chain attacks, where initial access can persist undetected and result in secondary data exposures long after the initial intrusion.

Investigation and Customer Impact Assessment

Checkmarx has engaged a leading third-party forensic firm to conduct a comprehensive investigation into the breach.

The primary objective is to determine the scope of the exposed data and identify any potential risks to customers.

Despite the presence of data on dark web forums, the company has emphasized that the compromised GitHub repository is isolated from its production infrastructure.

According to official statements:

• The affected repository operates independently of customer-facing environments.
• Internal policies prohibit the storage of customer data within development repositories.
• Forensic teams are actively analyzing leaked data to confirm its contents.
• Customers will be notified immediately if any sensitive or customer-related data is identified.

This architectural separation is a critical mitigation factor, reducing the likelihood of direct customer impact.

By maintaining strict boundaries between development and production systems, Checkmarx aims to contain the potential blast radius of the incident.

In response to the breach, Checkmarx has implemented immediate containment actions to prevent further unauthorized access.

All access to the compromised GitHub repository has been fully restricted, effectively locking down the affected environment.

Security teams are now focused on forensic analysis, including tracing attacker activity, identifying lateral movement, and assessing whether additional systems were impacted.

The secured repository environment allows investigators to safely analyze artifacts without risking further exposure.

The company has indicated that a more detailed technical update will be released within 24 hours, providing additional insights into the attack vector, affected assets, and remediation progress.

Organizations using Checkmarx solutions are advised to remain vigilant and closely monitor official communications from the vendor.

While no direct customer impact has been confirmed, proactive security practices are recommended.

Customers with concerns or requiring technical clarification are encouraged to:

• Contact Checkmarx support through the official support portal.
• Review internal security logs for any anomalous activity.
• Validate integration points with Checkmarx services as a precaution.

This incident highlights the evolving threat landscape surrounding software supply chains, where attackers increasingly target development ecosystems to gain strategic footholds.

As investigations continue, further disclosures are expected to shed light on attacker techniques and potential preventive measures.

Checkmarx’s response and transparency will be closely watched as the cybersecurity community assesses the broader implications of this breach.

Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google

The post Checkmarx Confirms GitHub Repository Data Leaked and Published on Dark Web appeared first on Cyber Security News.