indicatordomain
audit[.]checkmarx[.]cx
- First seen
- 2026-05-13
- Last seen
- 2026-05-14
- Sightings
- 2
Posts referencing this indicator
- TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages
Threat-actor-controlled domain used in prior TeamPCP-linked variants for telemetry and C2
- Supply chain attacks hit Checkmarx and Bitwarden developer tools
Shared C2 domain used for exfiltrating harvested credentials and secrets.