← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malicious Checkmarx Artifacts Found in Official KICS Docker Repository and Code Extensions
WHITE CyberHunter_NL 2026-04-23 Modified: 2026-05-23
21
IOCs
MEDIUM VOLUME
Security firm Checkmarx has been the target of a serious supply chain compromise, according to researchers at the Socket Research Team and the Open Source Software (OSS) in the United States and Canada.
githubgithub actionscheckmarxdockerkics imageyamlsocketdocker hubkicsvs codeaprilopenpowershelldunecodemcpaddon.js
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
mcpAddon.js KICS
Indicators of Compromise (2 / 21 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 d47de3772f2d61a043e7047431ef4cf4 MD5 of 2b12cc5cc91ec483048abcbd6d523cdc9ebae3f3 2026-04-23
FileHash-MD5 e1023db24a29ab0229d99764e2c8deba MD5 of 250f3633529457477a9f8fd3db3472e94383606a 2026-04-23
References (1)
↗ https://socket.dev/blog/checkmarx-supply-chain-compromise