A major supply chain attack has shaken the developer community after the official Docker repository of Checkmarx’s KICS tool was compromised, allowing attackers to distribute malicious container images. The incident highlights how even trusted security tools can become attack vectors when supply chains are breached.

The attack was first detected when Docker flagged unusual activity involving KICS image tags and alerted researchers. Investigations revealed that threat actors had tampered with multiple Docker tags, including v2.1.20 and alpine, and even introduced a fake version—v2.1.21—that did not exist in the official release pipeline. These manipulated images were designed to appear legitimate while secretly embedding malicious functionality.

KICS, short for Keeping Infrastructure as Code Secure, is widely used by DevOps teams to scan configurations like Terraform, Kubernetes, and CloudFormation for vulnerabilities. Because of its deep integration into CI/CD pipelines, the compromise created a high-risk scenario where sensitive infrastructure data could be exposed during routine security scans.

What made the attack particularly dangerous was the modification of the tool’s binary itself. The tampered version, written in Golang, was altered to include hidden telemetry and data exfiltration capabilities. Instead of simply scanning infrastructure code, the infected images collected sensitive data, encrypted it, and transmitted it to attacker-controlled endpoints without raising suspicion. This means organizations using these images may have unknowingly exposed secrets such as API keys, cloud credentials, and configuration data.

As researchers dug deeper, they uncovered that the attack extended beyond Docker. Trojanized versions of Checkmarx-related extensions on development platforms were also discovered, capable of downloading and executing a secondary payload. This payload acted as a powerful credential stealer, targeting GitHub tokens, cloud service credentials, SSH keys, and environment variables. The stolen data was then compressed, encrypted, and exfiltrated, making detection even more difficult.

The attackers didn’t stop at data theft. Using compromised credentials, they attempted to move laterally by injecting malicious workflows into GitHub repositories. These workflows were designed to extract secrets from CI/CD pipelines, allowing the attackers to expand their reach further into the software supply chain. There were also signs of attempts to republish compromised npm packages, indicating a broader effort to spread the attack across multiple ecosystems.

The group known as TeamPCP is believed to be behind the attack, even appearing to publicly claim responsibility. This aligns with their previous campaigns targeting developer tools and open-source ecosystems earlier in 2026.

Although the affected Docker images have now been restored to legitimate versions and the repository secured, the impact may persist for organizations that used the compromised versions. Security experts strongly recommend rotating all exposed credentials, auditing repositories for unauthorized changes, and reviewing logs for suspicious activity.

This incident serves as a stark reminder that supply chain attacks are becoming more sophisticated and far-reaching. Even tools designed to improve security can become entry points for attackers if proper safeguards, such as image verification and strict access controls, are not in place.

Recommended Cyber Technology News:

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com  



🔒 Login or Register to continue reading