New Checkmarx supply-chain breach affects KICS analysis tool

Summary

Attackers have compromised the Docker images and the VSCode and Open VSX extensions for Checkmarx's KICS analysis tool. The attackers injected malicious code into the extensions that harvests sensitive data from the developer environments in which they are installed.

IFF Assessment

FOE

This is bad news for defenders as it represents a compromise of a widely used security tool, potentially exposing sensitive developer information and further compromising development pipelines.

Defender Context

This incident highlights the increasing risk to software supply chains and development tools, even those designed for security. Defenders should be vigilant about the integrity of their development tools and be prepared for potential compromises affecting their own pipelines. This also underscores the need for robust security practices beyond the code itself, including the security of development environments and third-party tools.
