Malicious Hackers Compromise Checkmarx KICS Tool to Steal Developer Secrets
Hackers infiltrated the Checkmarx KICS (Keeping Infrastructure as Code Secure) tool, a popular open-source scanner for identifying vulnerabilities in code, dependencies, and configurations. The attack targeted Docker images, VS Code extensions, and Open VSX extensions, deploying malware designed to harvest sensitive data from developer environments.
Security firm Socket uncovered the breach after Docker flagged malicious images in the official checkmarx/kics Docker Hub repository. The compromise extended to VS Code and Open VSX extensions, which secretly downloaded a hidden "MCP addon" from a hardcoded GitHub URL. This addon executed multi-stage malware (mcpAddon.js) that stole credentials, including:
- GitHub tokens
- Cloud credentials (AWS, Azure, Google Cloud)
- npm tokens
- SSH keys
- Claude configs
- Environment variables
The stolen data was encrypted and exfiltrated to audit.checkmarx[.]cx, a domain mimicking legitimate Checkmarx infrastructure. Attackers also automatically created public GitHub repositories for data exfiltration.
The malicious Docker images were available for 83 minutes on April 22, 2026 (14:17:59–15:41:31 UTC) before being restored to legitimate versions. The fake v2.1.21 tag was removed entirely. While the TeamPCP hacking group, linked to previous supply-chain attacks (Trivy, LiteLLM), claimed responsibility, researchers found only pattern-based correlations and could not confirm attribution.
Checkmarx confirmed the incident in a security bulletin, stating that all malicious artifacts were removed, exposed credentials were revoked, and an investigation with external experts is ongoing. The company advised users to block access to suspicious IPs (91.195.240.123, 94.154.172.43), revert to pinned SHAs, and rotate compromised secrets.
Safe versions of affected tools include:
- DockerHub KICS v2.1.20
- Checkmarx ast-github-action v2.3.36
- Checkmarx VS Code extensions v2.64.0
- Checkmarx Developer Assist extension v1.18.0
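The bulletin's advice to revert to pinned SHAs rests on the fact that a mutable tag such as the fake v2.1.21 can be repointed, while a digest or full commit SHA cannot. The following added example (not Socket's or Checkmarx's code) scans Dockerfile and GitHub Actions workflow text for references to images and actions that are still pinned only by tag; the all-zero digests and commit SHA in the constructed sample are placeholders, not real values.

```python
import re

# Reference styles covered: a Dockerfile FROM line and a workflow "uses:" line.
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)", re.IGNORECASE)
USES_RE = re.compile(r"^\s*-?\s*uses:\s*(\S+)")
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")   # immutable image digest
COMMIT_RE = re.compile(r"@[0-9a-f]{40}$")          # immutable full commit SHA


def classify_image(ref):
    """'pinned' if the image reference carries a sha256 digest, else 'mutable'."""
    return "pinned" if DIGEST_RE.search(ref) else "mutable"


def classify_action(ref):
    """'pinned' if the action is referenced by a 40-hex commit SHA, else 'mutable'."""
    return "pinned" if COMMIT_RE.search(ref) else "mutable"


def find_unpinned(text):
    """Return (line_no, kind, ref) for every tag-only image or action reference."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if m and m.group(1).lower() != "scratch":
            if classify_image(m.group(1)) == "mutable":
                findings.append((n, "image", m.group(1)))
            continue
        m = USES_RE.match(line)
        if m:
            ref = m.group(1)
            if ref.startswith("./"):          # local action, nothing to pin
                continue
            if ref.startswith("docker://"):   # container action: digest rules apply
                status = classify_image(ref[len("docker://"):])
            else:
                status = classify_action(ref)
            if status == "mutable":
                findings.append((n, "action", ref))
    return findings


# Constructed sample mixing tag-pinned and digest/SHA-pinned references.
SAMPLE = """\
FROM checkmarx/kics:v2.1.21 AS scanner
FROM checkmarx/kics@sha256:0000000000000000000000000000000000000000000000000000000000000000
steps:
  - uses: checkmarx/ast-github-action@v2.3.36
  - uses: checkmarx/ast-github-action@0000000000000000000000000000000000000000 # v2.3.36
  - uses: ./.github/actions/local-step
"""

if __name__ == "__main__":
    for line_no, kind, ref in find_unpinned(SAMPLE):
        print(f"line {line_no}: {kind} reference not pinned by digest/SHA: {ref}")
```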
{
  "id": "chedocgit1776961598",
  "linkid": "checkmarx, docker, github",
  "type": "Cyber Attack",
  "date": "4/2026",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}

{
  "affected_entities": [
    {
      "customers_affected": "Developers and organizations using Checkmarx KICS, VS Code extensions, or Open VSX extensions",
      "industry": "Cybersecurity",
      "name": "Checkmarx",
      "type": "Company"
    }
  ],
  "attack_vector": [
    "Malicious Docker Images",
    "Compromised VS Code Extensions",
    "Compromised Open VSX Extensions"
  ],
  "customer_advisories": "Users advised to rotate compromised secrets, block suspicious IPs, and revert to pinned SHAs.",
  "data_breach": {
    "data_encryption": true,
    "data_exfiltration": true,
    "personally_identifiable_information": true,
    "sensitivity_of_data": "High (GitHub tokens, cloud credentials, SSH keys, PII)",
    "type_of_data_compromised": ["Credentials", "Environment Variables", "Configuration Files"]
  },
  "date_detected": "2026-04-22T15:41:31Z",
  "description": "Hackers infiltrated the Checkmarx KICS (Keeping Infrastructure as Code Secure) tool, a popular open-source scanner for identifying vulnerabilities in code, dependencies, and configurations. The attack targeted Docker images, VS Code extensions, and Open VSX extensions, deploying malware designed to harvest sensitive data from developer environments. The malware stole credentials, including GitHub tokens, cloud credentials (AWS, Azure, Google Cloud), npm tokens, SSH keys, Claude configs, and environment variables. The stolen data was encrypted and exfiltrated to a domain mimicking legitimate Checkmarx infrastructure, and attackers automatically created public GitHub repositories for data exfiltration.",
  "impact": {
    "brand_reputation_impact": "Moderate to High (supply chain compromise of a security tool)",
    "data_compromised": "Credentials (GitHub tokens, cloud credentials, npm tokens, SSH keys, Claude configs, environment variables)",
    "identity_theft_risk": "High (exposure of PII and credentials)",
    "operational_impact": "Potential unauthorized access to developer environments and cloud resources",
    "systems_affected": ["Docker images", "VS Code extensions", "Open VSX extensions"]
  },
  "initial_access_broker": {
    "backdoors_established": "MCP addon (mcpAddon.js malware)",
    "entry_point": ["Docker images", "VS Code extensions", "Open VSX extensions"],
    "high_value_targets": "Developer environments, cloud credentials, GitHub tokens"
  },
  "investigation_status": "Ongoing",
  "motivation": "Data Theft, Credential Harvesting",
  "post_incident_analysis": {
    "corrective_actions": "Removal of malicious artifacts, credential rotation, investigation with external experts, and release of safe versions.",
    "root_causes": "Supply chain compromise of open-source security tool (KICS) and its distribution channels (Docker Hub, VS Code Marketplace, Open VSX)."
  },
  "recommendations": "Rotate all exposed credentials, revert to pinned SHAs for dependencies, block access to suspicious IPs (91.195.240.123, 94.154.172.43), and update to safe versions of affected tools (DockerHub KICS v2.1.20, Checkmarx ast-github-action v2.3.36, Checkmarx VS Code extensions v2.64.0, Checkmarx Developer Assist extension v1.18.0).",
  "references": [
    {"source": "Socket Security Firm"},
    {"source": "Checkmarx Security Bulletin"}
  ],
  "response": {
    "communication_strategy": "Security bulletin issued to users",
    "containment_measures": "Removal of malicious Docker images, VS Code extensions, and Open VSX extensions; revocation of exposed credentials",
    "incident_response_plan_activated": true,
    "remediation_measures": "Reversion to pinned SHAs, rotation of compromised secrets, blocking access to suspicious IPs",
    "third_party_assistance": true
  },
  "stakeholder_advisories": "Checkmarx security bulletin advising users to rotate credentials and update to safe versions.",
  "threat_actor": "TeamPCP (attribution not confirmed)",
  "title": "Malicious Hackers Compromise Checkmarx KICS Tool to Steal Developer Secrets",
  "type": "Supply Chain Attack",
  "vulnerability_exploited": "Supply chain compromise of open-source security tool"
}