Multiple malicious versions of Checkmarx projects have been published, including Docker images and VS Code extensions (this included both publishing new malicious image versions and pointing existing tags to malicious instances). This is a new incident, separate from the March...
# Incident Report: Compromise of Checkmarx Projects and Bitwarden CLI
## Executive Summary
In April 2026, a threat actor known as TeamPCP executed a coordinated supply chain attack by publishing malicious versions of Checkmarx KICS and the Checkmarx VS Code extensions, followed by a malicious release of the Bitwarden CLI npm package. The malicious components were built to harvest secrets and npm tokens, exfiltrate them, and use the stolen tokens to extend the compromise to further packages. The incident resulted in temporary exposure of popular developer tools across Docker Hub, the VS Code Marketplace, OpenVSX, and npm.
## Incident Details
- **Discovery Date:** April 22, 2026
- **Incident Date:** April 22 – April 23, 2026
- **Affected Organization:** Checkmarx, Bitwarden (via npm)
- **Sector:** Software Development / Cybersecurity
- **Geography:** Global
## Timeline of Events
### Initial Access
- **Date/Time:** April 22, 2026
- **Vector:** Supply Chain Compromise (Package/Registry injection)
- **Details:** Malicious versions/tags of Checkmarx developer tools were pushed to Docker Hub (both new malicious image versions and existing tags repointed to malicious images), the Visual Studio Marketplace, OpenVSX, and the `ast-github-action` GitHub Action.
### Lateral Movement
- **Details:** The malicious VS Code extensions contained functionality specifically designed to steal **npm tokens**. A publish-capable npm token lets its holder push new versions of every package it is authorized for, so each harvested token was a foothold for extending the supply chain attack to further packages.
### Data Exfiltration/Impact
- **Impact:** The malware targeted sensitive information including environment secrets and credentials. Stolen data was encrypted before being exfiltrated to attacker-controlled infrastructure.
### Detection & Response
- **Detection:** Identified on April 22, 2026.
- **Response:** Checkmarx published a security update; Docker Hub images were removed by 18:20 UTC on April 22. Bitwarden CLI package was remediated shortly after the malicious version appeared on April 23.
## Attack Methodology
- **Initial Access:** Supply Chain Compromise (unauthorized publication of malicious updates/tags).
- **Persistence:** Malicious extension versions remained available on OpenVSX and the Visual Studio Marketplace after the Docker Hub images had been removed, so they stayed installable until taken down.
- **Privilege Escalation:** Not explicitly stated, though token theft suggests intent.
- **Defense Evasion:** Exfiltrated data was encrypted before transmission, defeating content inspection on the network path (destinations and traffic volumes remain observable).
- **Credential Access:** Automated harvesting of secrets and npm authentication tokens.
- **Discovery:** Scanning for local environment variables and repository secrets.
- **Lateral Movement:** Using stolen npm tokens to pivot into other software supply chains.
- **Collection:** Gathering sensitive environment data.
- **Exfiltration:** Encrypted data transfer to external servers.
- **Impact:** Supply chain compromise and potential downstream credential exposure.
## Impact Assessment
- **Financial:** Not disclosed; costs involve IR and remediation efforts.
- **Data Breach:** Exfiltration of secrets and credentials from developer environments.
- **Operational:** Disruption of CI/CD pipelines using KICS or Bitwarden CLI; emergency removal/rollback of tools.
- **Reputational:** Significant impact to Checkmarx and Bitwarden as trusted security/utility providers.
## Indicators of Compromise
- **Network indicators:** Exfiltration endpoints are not reproduced here; the official Checkmarx advisory carries the current IOC list: https://checkmarx.com/blog/checkmarx-security-update-april-22/ (vendor reference, not a malicious indicator).
- **File indicators** (specific versions, tags and digests are listed in the vendor advisory and are not reproduced here):
- Malicious Docker Image: Checkmarx KICS (Docker Hub)
- Malicious Extension: Checkmarx VS Code Extension (VS Marketplace/OpenVSX)
- Malicious Package: `@bitwarden/cli` (npm)
- **Behavioral indicators:** Unexpected outbound encrypted traffic from developer IDEs or CI/CD runners toward unauthorized domains.
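The behavioral indicator above is the one signal that survives the attacker's encryption: the payload is opaque, but the destination and the volume are not. The following added example (written for this report, not Checkmarx or Bitwarden code) applies that logic to a constructed egress log. The log format, the allowlist, the host-name prefixes and every destination in the sample are illustrative assumptions; `203.0.113.0/24` and the `.invalid` TLD are reserved for documentation and resolve to nothing.

```python
"""Flag unexpected outbound connections from CI runners and developer hosts.

Added example for this report, not Checkmarx or Bitwarden code. The log
format is constructed: one record per line,
    <timestamp> <source-host> <destination-host> <destination-port> <bytes-out>
as an egress proxy or firewall might export it. The allowlist, host names
and destinations below are illustrative assumptions.
"""
import ipaddress
from dataclasses import dataclass

# Destinations a build or IDE is expected to talk to (assumed allowlist).
ALLOWED_DOMAINS = (
    "github.com",
    "registry.npmjs.org",
    "index.docker.io",
    "marketplace.visualstudio.com",
    "open-vsx.org",
)

# Hosts whose egress is monitored: CI runners and developer workstations (assumed naming).
MONITORED_PREFIXES = ("ci-runner-", "dev-laptop-")


@dataclass(frozen=True)
class Record:
    ts: str
    src: str
    dst: str
    port: int
    bytes_out: int


@dataclass(frozen=True)
class Alert:
    record: Record
    reason: str


def parse_line(line: str):
    """Parse one log line; return None for blank or malformed input."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        return Record(parts[0], parts[1], parts[2], int(parts[3]), int(parts[4]))
    except ValueError:
        return None


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def destination_allowed(host: str) -> bool:
    """Exact or subdomain match against the allowlist; IP literals never match."""
    if is_ip_literal(host):
        return False
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in ALLOWED_DOMAINS)


def find_unexpected_egress(lines):
    """Return an Alert for each monitored host that reached a destination outside
    the allowlist. Payload content is not inspected: the report notes the
    exfiltrated data was encrypted, so destination and volume are the signals
    still visible on the wire."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not rec.src.startswith(MONITORED_PREFIXES):
            continue
        if destination_allowed(rec.dst):
            continue
        kind = "IP literal" if is_ip_literal(rec.dst) else "non-allowlisted domain"
        alerts.append(Alert(rec, f"{kind} {rec.dst}:{rec.port}, {rec.bytes_out} bytes out"))
    return alerts


# Constructed sample log (not real traffic).
SAMPLE_LOG = """\
2026-04-22T17:05:11Z ci-runner-07 registry.npmjs.org 443 5120
2026-04-22T17:05:14Z ci-runner-07 api.github.com 443 2048
2026-04-22T17:06:02Z ci-runner-07 203.0.113.45 443 987654
2026-04-22T17:06:40Z dev-laptop-12 marketplace.visualstudio.com 443 4096
2026-04-22T17:07:03Z dev-laptop-12 collect.example-exfil.invalid 443 1200000
2026-04-22T17:07:30Z bastion-01 203.0.113.45 22 300
this line is malformed and must be skipped
"""

if __name__ == "__main__":
    for alert in find_unexpected_egress(SAMPLE_LOG.splitlines()):
        print(alert.record.ts, alert.record.src, alert.reason)
```

Run against the sample, the two alerts are the CI runner reaching a bare IP address and the developer laptop pushing over a megabyte to an unknown domain; the bastion host's connection is ignored because only runner and workstation egress is in scope. The same allowlist is what an egress filter on the runners would enforce, which is why the detection and the control belong together.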
## Response Actions
- **Containment measures:** Removal of the malicious images from Docker Hub and of the malicious tag of the `ast-github-action` GitHub Action.
- **Eradication steps:** Takedown requests for malicious extensions on OpenVSX and VS Marketplace; removal of the malicious `@bitwarden/cli` version from npm.
- **Recovery actions:** Checkmarx issued public security advisories advising users to revert to known-good versions and rotate all secrets that may have been exposed.
## Lessons Learned
- **Trust is Transitive:** Even security companies (Checkmarx) can be vectors for attacks; trust in developer tools must be verified.
- **Extension Exposure:** VS Code and OpenVSX extensions remain high-value targets because an extension runs with the developer's full user privileges and can read environment variables, local token files such as `.npmrc`, and every repository open in the IDE.
- **Registry Lag:** Malicious content persisted on OpenVSX longer than on Docker Hub, highlighting inconsistent response times across different registries.
## Recommendations
- **Pin Dependencies:** Reference Docker images by immutable `sha256` digest (`image@sha256:...`) and GitHub Actions by full commit SHA rather than by mutable tags such as `latest` or `v1`, so that a repointed tag cannot silently deliver a different artifact.
- **Secret Rotation:** Organizations affected must rotate all CI/CD secrets, npm tokens, and cloud credentials immediately.
- **Network Filtering:** Implement egress filtering on CI/CD runners to prevent unauthorized data exfiltration.
- **Token Security:** Use short-lived, minimally scoped tokens for npm and other package registries (for example, tokens limited to specific packages and to CI publishing only) to limit the blast radius of token theft.
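The pinning recommendation is easy to state and easy to regress on, and the incident's own method (repointing an existing tag) is exactly what pinning defeats. The following added example (written for this report, not Checkmarx or Bitwarden tooling) is a small linter that flags `uses:` steps in GitHub Actions workflows that are not pinned to a full 40-hex-character commit SHA and `FROM` lines in Dockerfiles that lack a `sha256` digest. The sample workflow and Dockerfile are constructed; the action names, image names, commit SHA and digest are placeholders.

```python
"""Flag mutable references in GitHub Actions workflows and Dockerfiles.

Added example for this report, not Checkmarx or Bitwarden tooling. It checks
the two pinning rules from the Recommendations: a `uses:` step should reference
a full 40-hex-character commit SHA, and a `FROM` line should reference its
image by sha256 digest. Sample inputs are constructed; action names, image
names and the SHA/digest values are placeholders.
"""
import re

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)(?:\s+AS\s+(\S+))?", re.IGNORECASE)
COMMIT_SHA_RE = re.compile(r"^[0-9a-f]{40}$")
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")


def check_workflow(text: str):
    """Return (line_number, reference) for each `uses:` not pinned to a commit SHA."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        ref_spec = m.group(1).strip("'\"")
        if ref_spec.startswith("./"):
            continue  # local action in the same repo: nothing to pin
        if ref_spec.startswith("docker://"):
            pinned = DIGEST_RE.search(ref_spec) is not None  # container action: digest rule
        else:
            _, _, ref = ref_spec.partition("@")
            pinned = COMMIT_SHA_RE.fullmatch(ref) is not None  # tag or branch names fail here
        if not pinned:
            findings.append((lineno, ref_spec))
    return findings


def check_dockerfile(text: str):
    """Return (line_number, image) for each FROM that lacks a sha256 digest.
    Earlier build stages and `scratch` are not registry pulls and are skipped."""
    findings = []
    stages = set()
    for lineno, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        image, stage = m.group(1), m.group(2)
        if stage:
            stages.add(stage.lower())
        if image.lower() == "scratch" or image.lower() in stages:
            continue
        if not DIGEST_RE.search(image):
            findings.append((lineno, image))
    return findings


# Placeholder values (not real commits or images); only their shape matters.
PLACEHOLDER_SHA = "0123456789abcdef0123456789abcdef01234567"  # 40 hex chars
PLACEHOLDER_DIGEST = "sha256:" + "0" * 64                    # 64 hex chars

# Constructed sample workflow: lines 7, 9 and 11 are mutable references.
SAMPLE_WORKFLOW = f"""\
name: scan
on: [push]
jobs:
  kics:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/checkout@{PLACEHOLDER_SHA}
      - uses: example/some-action@main
      - uses: ./.github/actions/local
      - uses: docker://alpine:3.19
"""

# Constructed sample Dockerfile: lines 1 and 3 pull by mutable tag.
SAMPLE_DOCKERFILE = f"""\
FROM golang:1.22 AS builder
RUN go build -o /app ./cmd/app
FROM checkmarx/kics:latest
FROM checkmarx/kics@{PLACEHOLDER_DIGEST}
FROM builder
FROM scratch
"""

if __name__ == "__main__":
    for lineno, ref in check_workflow(SAMPLE_WORKFLOW):
        print(f"workflow line {lineno}: {ref} is not pinned to a commit SHA")
    for lineno, image in check_dockerfile(SAMPLE_DOCKERFILE):
        print(f"Dockerfile line {lineno}: FROM {image} has no sha256 digest")
```

A digest pin is enforced by the runtime, not just by the linter: `docker pull image@sha256:<digest>` fails if the content served under that name no longer matches the digest, which is the property a repointed tag lacks. Commit SHAs for actions are the same idea at the Git level; a moved `v4` tag or `main` branch cannot change what a pinned SHA resolves to. The linter deliberately does not touch `runs-on: ubuntu-latest`, which is a hosted-runner label rather than a fetched artifact.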