The cybersecurity landscape continues to face significant threats across multiple sectors this morning, with compromised development tools, educational platform vulnerabilities, and major government and business data breaches dominating the threat intelligence landscape.
Checkmarx has issued a critical warning regarding a malicious version of its Jenkins Application Security Testing plugin that was published on the Jenkins Marketplace. The compromised plugin, identified as version 2026.5.09, contains the TeamPCP credential stealer malware, which poses a significant risk to organizations utilizing this development tool. Source: Official CheckMarx Jenkins package compromised with infostealer
This incident represents a serious supply chain attack vector, as Jenkins plugins are widely deployed across enterprise development environments. Organizations that have installed the affected version should immediately audit their systems for signs of compromise and credential theft.
Education technology provider Instructure has confirmed that threat actors exploited a security vulnerability in Canvas to modify login portals and display extortion messages to users. The vulnerability allowed unauthorized modification of the authentication interface, creating a direct attack surface against educational institutions relying on the platform. Source: Instructure confirms hackers used Canvas flaw to deface portals
This incident highlights the risks faced by educational institutions and demonstrates how portal defacement can be leveraged as part of extortion campaigns targeting sensitive sectors.
A threat actor has claimed to have exfiltrated over 18 million records from La Suite Numérique, the official digital workspace and collaboration suite operated by the French government. The alleged breach represents a significant compromise of government digital infrastructure and sensitive administrative data. Source: ‼️🇫🇷 La Suite Numérique allegedly breached exposing over 18 million records from the French gov...
The scale and nature of this alleged breach underscore the critical importance of securing government digital infrastructure and suggest potential implications for French administrative operations and citizen data protection.
A threat actor operating in collaboration with NyxarGroup claims to have exfiltrated approximately 12 terabytes of data from Emergia Contact Center and its client Conalcréditos, a Colombian and Spanish business process outsourcing firm. The breach reportedly affects data from the primary organization and 75 client companies that utilize Emergia's services. Source: ‼️🇨🇴 Emergia Contact Center allegedly breached exposing 12 TB of data from the Colombian/Spanis...
This supply chain incident demonstrates the cascading impact of breaches at service providers, with a single compromise affecting dozens of downstream organizations across multiple sectors and jurisdictions.
Organizations across development, education, government, and business services sectors should prioritize immediate threat assessment and response measures given the severity and scope of incidents reported this morning.
Source articles and extracted indicators (defanged where appropriate).
