A significant software supply chain attack has struck the official Checkmarx KICS (Keeping Infrastructure as Code Secure) Docker Hub repository, raising serious concerns across the developer and cybersecurity communities. The breach, which researchers identified on April 22, 2026, through collaborative efforts by Docker and Socket, involved malicious Docker images and compromised Visual Studio Code extensions engineered to steal sensitive credentials.

To begin with, threat actors infiltrated the Checkmarx/Kics Docker repository by pushing malicious images that replaced trusted tags. Specifically, affected versions included v2.1.20, v2.1.20-debian, alpine, debian, and latest. In addition, attackers introduced a fake v2.1.21 tag, which did not align with any legitimate upstream release from Checkmarx. As a result, unsuspecting developers may have pulled compromised images into their environments.

Moreover, these infected Docker images contained a tampered Golang binary. This binary generated uncensored Infrastructure as Code (IaC) scan reports, encrypted them, and quietly transmitted the data to an attacker-controlled telemetry endpoint. Consequently, sensitive infrastructure insights were exposed without users’ awareness.

At the same time, the attack expanded into developer tools. Malicious actors altered Checkmarx VS Code extensions (versions 1.17.0 and 1.19.0) by embedding a concealed “MCP addon.” Once activated, this feature downloaded and executed a harmful JavaScript payload named mcpAddon.js using the Bun runtime. To remain undetected, attackers manipulated Git history by inserting a backdated orphaned commit into the official repository.

Furthermore, the obfuscated 10MB payload acted as a powerful token stealer. It specifically targeted GitHub authentication tokens, AWS, Microsoft Azure, and Google Cloud credentials, along with NPM configuration files, SSH keys, and environment variables. Consequently, attackers gained extensive access to developer environments and cloud systems.

In addition, the malware leveraged stolen GitHub tokens to create public staging repositories under victim accounts. These repositories, disguised as “Checkmarx Configuration Storage,” temporarily stored encrypted exfiltrated data. Interestingly, attackers used naming conventions inspired by the Dune universe, such as gesserit-melange-813 and prescient-sandworm-556.

The attack did not stop there. Using compromised credentials, the malware injected a malicious GitHub Actions workflow called format-check.yml into writable repositories. This workflow extracted secrets and uploaded them as downloadable artifacts. Simultaneously, attackers parsed .npmrc files to identify maintained packages and republished them with malicious code, thereby spreading the infection across the open-source ecosystem.

Notably, the threat group TeamPCP has publicly claimed responsibility for the attack. This group has previously conducted similar supply chain campaigns targeting Trivy and LiteLLM earlier in 2026.

Given the severity of the breach, organizations using Checkmarx KICS must act immediately. Security teams should remove affected Docker images and VS Code extensions, rotate all compromised credentials, and audit systems for suspicious repositories and workflows.

Recommended Cyber Technology News:

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com