VulnHub

Real-time Cybersecurity News

New Checkmarx supply-chain breach affects KICS analysis tool

BleepingComputer
Actively Exploited
Update

Overview

Hackers have compromised Docker images and extensions for the Checkmarx KICS analysis tool, specifically targeting Visual Studio Code and Open VSX. This breach allows attackers to access sensitive data from developer environments, raising serious concerns about the security of development tools widely used in the industry. Developers who have integrated these tools into their workflows may unknowingly expose their projects and sensitive information to unauthorized access. This incident emphasizes the need for developers to be vigilant about the tools they use and the sources from which they download software. Users are advised to check their systems for any compromised extensions and to update their security protocols to mitigate potential risks.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Checkmarx KICS analysis tool, Docker images, Visual Studio Code extensions, Open VSX extensions
  • Action Required: Developers should remove any affected Docker images and extensions, and ensure that they are using the most recent versions of their tools.
  • Timeline: Newly disclosed

Original Article Summary

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. [...]

Impact

Checkmarx KICS analysis tool, Docker images, Visual Studio Code extensions, Open VSX extensions

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Developers should remove any affected Docker images and extensions, and ensure that they are using the most recent versions of their tools. Regular security audits of development environments are also recommended.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Update.

Read Original Article

Related Coverage

Taiwan High-Speed Rail Emergency Braking Hack: How a Student Stopped the Trains and Exposed a Major Security Gap

Security Affairs

A 23-year-old student in Taiwan caused significant disruption to the high-speed rail system by spoofing signals and triggering an emergency alarm, halting four trains for nearly an hour during a busy holiday period. This incident occurred on the Qingming Festival, a time when many people travel, leading to chaos and delays for thousands of passengers. Experts are concerned about the security vulnerabilities in the rail system, which is a critical part of Taiwan's infrastructure. This event raises serious questions about the safety measures in place to protect against such tampering and the potential for more sophisticated attacks in the future. The incident serves as a reminder of the importance of cybersecurity in public transportation systems and the need for robust protective measures.

May 6, 2026

A DOD contractor’s API flaw exposed military course data and service member records

CyberScoop

Researchers discovered a significant flaw in the API of Schemata, a contractor for the Department of Defense, which exposed sensitive information related to military courses and service members. This breach included personal details such as names, email addresses, base assignments, and course materials before Schemata implemented a fix and informed government officials. The exposure raises serious concerns about the security of military data and the potential risks to service members' privacy. Such incidents highlight the need for stringent security measures among contractors handling sensitive government information. The incident serves as a reminder of the vulnerabilities that can exist in systems that support military operations.

May 6, 2026

Roku sued for allegedly bricking TVs - see which models are affected, and your best alternatives

Latest news

Roku is facing a lawsuit after numerous users reported that their Roku TVs have become unusable, either getting stuck in boot loops or displaying black screens. This issue affects several models, leading to frustration among customers who rely on these devices for streaming. Users have taken to social media and forums to express their dissatisfaction, prompting legal action against the company. The situation raises concerns about the reliability of Roku devices and the potential need for better customer support and product durability. As these issues continue, affected users are encouraged to seek alternatives while the lawsuit unfolds.

May 6, 2026

Critical vm2 sandbox bug lets attackers execute code on hosts

BleepingComputer

A serious vulnerability in the vm2 library, widely used for sandboxing in Node.js applications, has been discovered. This flaw allows attackers to escape the sandbox environment and execute arbitrary code on the host system, posing a significant risk to applications relying on vm2 for security. Developers and organizations using this library need to take immediate action to safeguard their systems, as this vulnerability could lead to severe breaches. The issue affects multiple versions of vm2, making it critical for users to update their systems promptly. Failure to address this vulnerability could leave systems exposed to potential attacks.

May 6, 2026

Australian small businesses lack cyber security plans, research finds

SCM feed for Latest

A recent study by Ipsos, commissioned by Optus, reveals that one in three small businesses in Australia have faced a cyber incident. Despite this alarming statistic, many of these businesses are not adequately prepared for future attacks. The research indicates a significant gap in cybersecurity planning among small enterprises, which could leave them vulnerable to more sophisticated threats. This lack of readiness is concerning, as cyber incidents can lead to severe financial and reputational damage. Small businesses need to prioritize developing and implementing effective cybersecurity strategies to protect their operations and customer data.

May 6, 2026

MetInfo CMS vulnerability exploited by threat actors

SCM feed for Latest

A serious vulnerability in MetInfo CMS, labeled CVE-2026-29014, has been discovered that allows unauthenticated attackers to execute arbitrary PHP code remotely. This flaw has a high severity rating of 9.8, indicating a significant risk to users of the platform. Organizations using MetInfo should be particularly vigilant, as this could lead to unauthorized access and control over their websites. As of now, there are concerns that this vulnerability is being actively exploited, which underscores the urgency for users to take action. It is crucial for affected users to apply any available patches and review their security measures to protect against potential intrusions.

May 6, 2026