indicatorurl
hxxps://audit[.]checkmarx[.]cx/v1/telemetry
- First seen
- 2026-05-13
- Last seen
- 2026-05-13
- Sightings
- 3
Posts referencing this indicator
- Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
KICS payload exfiltration C2 endpoint
- Supply chain attacks hit Checkmarx and Bitwarden developer tools
Specific endpoint used by the malicious payloads to exfiltrate stolen data.
- Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
C2 and exfiltration endpoint for stolen credentials