Bright Nexus

Published on April 23, 2026

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Severity
Medium

Detail

Cybersecurity researchers have uncovered a major supply chain attack targeting developer tools from Checkmarx, involving compromised Docker images and malicious Visual Studio Code extensions. Threat actors successfully tampered with the official “checkmarx/kics” Docker Hub repository by overwriting legitimate image tags such as v2.1.20 and alpine, and introducing a fake version (v2.1.21). These poisoned images contained a modified KICS binary with hidden data exfiltration capabilities.

The malware embedded within these images can generate scan reports, encrypting them, and transmitting sensitive data such as infrastructure configurations and credentials to attacker-controlled servers. This poses a serious risk, especially for teams using KICS to scan Infrastructure-as-Code (IaC) files. In addition, multiple Visual Studio Code extensions associated with Checkmarx were also compromised. Certain versions silently downloaded and executed malicious JavaScript payloads from a GitHub repository without user consent or verification. The attack is believed to be part of a broader campaign, potentially linked to the threat group TeamPCP, known for targeting software supply chains.

How?

The attack chain is highly sophisticated and unfolds in multiple stages, starting with the compromise of Docker images and developer tools. Attackers modified official KICS Docker images by inserting a malicious Golang-based binary disguised as a legitimate scanner. Once executed, this binary silently collects sensitive data and sends it to a command-and-control (C2) server. At the same time, compromised extensions in Visual Studio Code, such as cx-dev-assist and ast-results, download a hidden script called “mcpAddon.js” from GitHub when activated. This script is designed to harvest a wide range of credentials, including GitHub tokens, AWS, Azure, and GCP credentials, SSH keys, npm configurations, and environment variables. The stolen data is then compressed, encrypted, and exfiltrated to attacker-controlled infrastructure.

The attackers further abuse GitHub to maintain persistence and expand their reach. Using stolen GitHub tokens, they create public repositories to store exfiltrated data and inject malicious GitHub Actions workflows into victim repositories. These workflows are used to extract CI/CD secrets during execution, after which the attackers delete traces to avoid detection. In the final stage, the attack becomes worm-like by leveraging stolen npm credentials to identify packages the victim has permission to modify. The attackers then republish these packages with malicious code, enabling the malware to spread across the npm ecosystem and infect additional users and environments.

Recommendation & Conclusion

Immediate action is required to mitigate the threat:

  • Remove affected Docker images and VS Code extensions
  • Rotate all credentials (GitHub, npm, cloud, SSH, environment variables)
  • Audit repositories for unauthorized workflows and changes
  • Check for suspicious repository creation or activity
  • Monitor CI/CD pipelines and logs for anomalies

In conclusion, this is a high-impact supply chain attack that demonstrates how attackers are increasingly targeting developer ecosystems to gain widespread access. By compromising trusted tools, threat actors can silently infiltrate multiple environments, making proactive monitoring and strict credential management essential.

Source

https://thehackernews.com/2026/04/malicious-kics-docker-images-and-vs.html