[2026] Checkmarx KICS Supply-Chain Hack Steals Secrets in 84 Minutes

In a blistering 84-minute window on April 22, 2026, attackers turned Checkmarx's KICS tool against its users, siphoning secrets from Docker pulls and VSCode extensions. This isn't just another breach—it's a blueprint for how supply-chain attacks are evolving.

Malicious Docker Hub repository with Checkmarx KICS images compromised by hackers

⚡ Key Takeaways

  • Attack lasted 84 minutes via repointed Docker tags, stealing precise dev secrets through KICS.
  • VSCode extensions hid 'MCP addon' pulling multi-stage malware—hardcoded GitHub URLs were key vuln.
  • Rotate creds if you pulled during window; pin SHAs to prevent repeats.
  • Echoes SolarWinds but faster, dev-tool focused—expect attestation mandates by 2027.
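
The pinning advice in the takeaways, as an added example (not code from Checkmarx or the original report): a small Python audit that flags image references a repointed tag could silently change. The `checkmarx/kics` lines and the digest in the sample are constructed inputs, and `classify` and `audit` are hypothetical helper names.

```python
import re

# A reference is immutable only when it ends in a content digest (@sha256:<64 hex>).
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")
# Lines that name an image: Dockerfile FROM and compose/CI "image:" keys.
REF_RES = [
    re.compile(r"^\s*FROM\s+(?:--\S+\s+)*(?P<ref>\S+)(?:\s+AS\s+(?P<stage>\S+))?", re.I),
    re.compile(r"^\s*-?\s*image:\s*['\"]?(?P<ref>[^\s'\"#]+)"),
]

def classify(ref):
    """Return 'pinned', 'mutable-tag', 'implicit-latest' or 'dynamic'."""
    if "$" in ref:
        return "dynamic"  # build ARG or variable: cannot be verified statically
    if DIGEST_RE.search(ref):
        return "pinned"
    last = ref.rsplit("/", 1)[-1]  # a ':' before the last '/' is a registry port
    return "mutable-tag" if ":" in last else "implicit-latest"

def audit(text):
    """Return (line_no, ref, verdict) for each image reference not pinned by digest."""
    stages, findings = set(), []
    for no, line in enumerate(text.splitlines(), 1):
        for rx in REF_RES:
            m = rx.match(line)
            if not m:
                continue
            ref, stage = m.group("ref"), m.groupdict().get("stage")
            # Earlier build stages and the empty "scratch" base are not registry pulls.
            local = ref.lower() in stages or ref == "scratch"
            if stage:
                stages.add(stage.lower())
            verdict = classify(ref)
            if not local and verdict != "pinned":
                findings.append((no, ref, verdict))
            break
    return findings

# Constructed sample input; the digest is a placeholder, not a real image digest.
DIGEST = "sha256:" + "0123456789abcdef" * 4
SAMPLE = "\n".join([
    "FROM --platform=linux/amd64 alpine:3.19 AS builder",
    "FROM builder AS test",
    "FROM registry.example:5000/tools/scanner",
    "FROM checkmarx/kics:latest",
    f"FROM checkmarx/kics@{DIGEST}",
    "    image: checkmarx/kics:latest",
    "FROM ${BASE_IMAGE}",
])
```

Calling `audit(SAMPLE)` reports every line except the stage reference and the digest-pinned pull; a `dynamic` verdict means the value has to be checked where the variable is set.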

Published by CVE Watch


Originally reported by Bleeping Computer
