Developer supply‑chain compromise

- Researchers reported a Checkmarx-related supply-chain compromise that used malicious Docker images and VS Code extensions to steal credentials. (x.com)
- A self-propagating npm worm, tracked as CanisterWorm, was observed stealing developer tokens from `.npmrc` files and environment variables and using them to publish infected updates to other packages. (x.com)
- The episode also flagged a 93 GB Navigate360 exposure of 8.3 million tips, underscoring developer-tool and data-storage risk. (x.com)

Software that developers use to scan code and ship updates was turned against them this week, after researchers found malicious Checkmarx Docker images and Visual Studio Code extensions stealing secrets. (socket.dev) Docker and Socket said attackers overwrote trusted tags in the official `checkmarx/kics` repository, including `v2.1.20`, `v2.1.20-debian`, `alpine`, `debian`, and `latest`, and added a fake `v2.1.21` tag. Socket said the poisoned KICS binary could collect scan results, encrypt them, and send them to an outside server. (socket.dev)

The same investigation found suspicious Checkmarx-related Visual Studio Code extension releases, with remote-code behavior in versions `1.17.0` and `1.19.0` and that code absent in `1.18.0`. Socket said those releases fetched JavaScript from a hardcoded GitHub address and ran it through the Bun runtime without integrity checks. (socket.dev)

A software supply-chain attack works like tampering with a factory mold instead of the finished product: one poisoned tool can spread bad code to every team that trusts it. KICS is used to scan Terraform, Kubernetes, and other infrastructure files that often contain cloud keys, tokens, and internal settings, so exfiltrated scan results can carry live credentials. (socket.dev)

This Checkmarx case followed a March 24 report that two Checkmarx GitHub Actions had also been poisoned with the same “TeamPCP Cloud stealer” seen in the Trivy compromise. Sysdig, cited by The Hacker News, said the malware harvested secrets from continuous-integration runners and exfiltrated them to a typosquatted domain designed to look like a vendor system. (thehackernews.com)

The npm ecosystem was hit by a related pattern in March, when researchers described a self-propagating worm now tracked as CanisterWorm. JFrog said the malware ran from a malicious `postinstall` hook, dropped a Python backdoor, searched `.npmrc` files and environment variables for tokens, and then used stolen credentials to publish infected updates to other packages owned by the same developer. (research.jfrog.com) Socket said the campaign first appeared in compromised publisher namespaces including `@emilgroup` and `@teale.io`, while later reporting traced the worm across 29 or more packages. JFrog said it later identified additional compromised versions beyond the first public disclosures. (socket.dev) (research.jfrog.com)

A separate March breach claim involving Navigate360’s P3 platform widened the fallout beyond developer tooling and into stored data. Multiple reports said a hacker claimed to have taken 93 gigabytes containing about 8.3 million tips submitted from 1987 through November 2025, including information tied to school safety programs, Crime Stoppers, and military reporting. (privacywire.org) (malwarebytes.com) PrivacyWire said Navigate360 had not publicly confirmed the breach or posted notice to affected people as of April 22, while Reuters-based summaries reported the Federal Bureau of Investigation declined comment in March. The claimed dataset, according to those reports, included tipster names and details about the people they reported, despite promises of anonymity. (privacywire.org) (newsmax.com)

The common thread is not one company or one package manager, but the trust developers place in official images, extensions, actions, and registries. Once that trust is abused, the breach can move from a single download to cloud credentials, code pipelines, and years of stored records. (socket.dev) (research.jfrog.com)

Shared from Scout - Be the smartest in the room.