
Malicious KICS images and VS Code extensions in Checkmarx supply chain


Colleagues, a cybersecurity alert: the Checkmarx supply chain has been compromised; malicious KICS images and VS Code extensions have been detected.

What happened:
- According to Socket: tags in the checkmarx/kics repository on Docker Hub were overwritten (including v2.1.20 and alpine), an unofficial v2.1.21 was added, and the repository was archived.
- The altered KICS builds encrypted scan reports and exfiltrated them to an external endpoint.
- The VS Code extension versions 1.17.0 and 1.19.0 fetched remote code via Bun without confirmation; 1.18.0 did not.

Why it matters: secrets exposed to IaC checks are likely compromised; an immediate audit is required.

How do you respond to such incidents?

#cybersecurity #supplychain #IaC #DevSecOps
