{"id":2666,"date":"2026-04-22T19:05:05","date_gmt":"2026-04-22T19:05:05","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/"},"modified":"2026-04-22T19:05:05","modified_gmt":"2026-04-22T19:05:05","slug":"malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/","title":{"rendered":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain"},"content":{"rendered":"<div>Cybersecurity researchers have warned of malicious images pushed to the official &#8220;checkmarx\/kics&#8221; Docker Hub repository.<br \/>\nIn an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official release. The<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have warned of malicious images pushed to the official &#8220;checkmarx\/kics&#8221; Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-2666","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"Cybersecurity researchers have warned of malicious images pushed to the official &#8220;checkmarx\/kics&#8221; Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-04-22T19:05:05+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain\",\"datePublished\":\"2026-04-22T19:05:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\"},\"wordCount\":70,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\",\"name\":\"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-04-22T19:05:05+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/","og_locale":"en_US","og_type":"article","og_title":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited","og_description":"Cybersecurity researchers have warned of malicious images pushed to the official &#8220;checkmarx\/kics&#8221; Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-04-22T19:05:05+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain","datePublished":"2026-04-22T19:05:05+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/"},"wordCount":70,"keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/","name":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-04-22T19:05:05+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/04\/22\/malicious-kics-docker-images-and-vs-code-extensions-hit-checkmarx-supply-chain\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2666","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=2666"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2666\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=2666"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=2666"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=2666"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}