Multiple malicious versions of Checkmarx projects have been published, including Docker images and VS Code extensions (this included both publishing new malicious image versions and pointing existing tags to malicious instances). This is a new incident, separate from the March 23, 2026 case. TeamPCP has publicly claimed responsibility for this incident.
On April 22, malicious versions of Checkmarx’s KICS Docker image were hosted on Docker Hub, malicious versions of the Checkmarx VS Code extension were available to download from the Visual Studio Marketplace and OpenVSX, and a malicious tag was published for the Checkmarx ast-github-action GitHub Action. The Docker images were taken down as of approximately 1820 UTC, however the malicious extensions are still available on OpenVSX as of 0000 UTC on April 23.
These malicious versions all gather, encrypt and exfiltrate secrets. The VS Code extensions also include functionality to steal npm tokens and publish additional supply chain attacks.
On April 23, this activity extended to the Bitwarden CLI npm package (@bitwarden/cli), with a malicious version being temporarily published.