TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Summary

Checkmarx confirmed that TeamPCP published a malicious version of its Jenkins AST plugin to the Jenkins Marketplace, weeks after the threat group compromised the company's KICS Docker image, VS Code extensions, and GitHub Actions workflows in March 2026. The malicious code was injected after attackers obtained credentials from the previous compromise, and the threat group renamed the plugin repository with a defacement message. Security researchers suggest either incomplete credential rotation or a retained foothold from the initial breach, as TeamPCP demonstrates persistent access and active testing of remediation gaps.

Full text

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack Ravie LakshmananMay 11, 2026Supply Chain Attack / DevSecOps Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. "If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published on December 17, 2025 or previously," the cybersecurity company said in a statement over the weekend. As of writing, Checkmarx has released 2.0.13-848.v76e89de8a_053 on both GitHub and the Jenkins Marketplace. A spokesperson for the company said the new version addresses the concerns associated with the incident. It's assessed that the malicious code was published after obtaining credentials from a previous supply chain attackthat took place in March 2026. The development is the latest attack orchestrated by TeamPCP targeting Checkmarx. It arrives a couple of weeks after the notorious cybercrime group was attributed to the compromise of its KICS Docker image, two VS Code extensions, and a GitHub Actions workflow to push credential-stealing malware. The breach, in turn, resulted in the brief compromise of the Bitwarden CLI npm package to serve a similar stealer that can harvest a wide range of developer secrets. TeamPCP has been linked to a series of breaches since March 2026 as part of a sprawling campaign that exploits the inherent trust in the software supply chain to propagate its malware and expand its reach. According to details shared by security researcher Adnan Khan and SOCRadar, TeamPCP is said to have gained unauthorized access to the plugin's GitHub repository and renamed it to "Checkmarx-Fully-Hacked-by-TeamPCP-and-Their-Customers-Should-Cancel-Now." The defaced repository was also updated to include the description: "Checkmarx fails to rotate secrets again. with love – TeamPCP." "The fact that TeamPCP is back inside Checkmarx systems just weeks later points to one of two possibilities: either the initial remediation was incomplete and credentials were not fully rotated, or the group retained a foothold that wasn't identified during the March response," SOCRadar said. "A second Checkmarx incident happening this soon suggests the group is actively watching for re-entry points, testing the depth of past remediations, and capitalizing on any gaps." (The story was updated after publication to include a response from Checkmarx.) Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share Share SHARE  Checkmarx, cybersecurity, DevSecOps, GitHub, Jenkins, Malware, software security, supply chain attack, TeamPCP ⚡ Top Stories This Week Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation New Fragnesia Linux Kernel LPE Grants Root Access via Page Cache Corruption 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI and More Packages cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation ⭐ Featured Resources [Webinar] Learn How to Handle Critical SOC Alerts With AI Support Identify Internal Attack Surfaces More Efficiently With a Free Assessment [eBook] Get the 3-Number SOC Diagnostic to Reduce Queue Risk [Guide] Stop Email Fraud Before It Turns Into Ransomware Damage

Indicators of Compromise

• malware — TeamPCP

Entities