Skip to content
The Nexus
SECURITYApr 22 · 17:55 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Cybersecurity researchers warned of malicious Docker images and VS Code extensions in Checkmarx's supply chain. Socket revealed threat actors overwrote tags like v2.1.20 and alpine in the 'checkmarx/kics' Docker Hub repository and introduced a fake v2.1.21 tag.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this