The Hacker News

Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain

Malicious KICS Docker tags and VS Code versions 1.17.0, 1.19.0 enabled data exfiltration, risking exposed infrastructure ...

New Checkmarx supply-chain breach affects KICS analysis tool

Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest ...
Cybernews

Checkmarx hit again, popular tools spreading credential-stealing malware

Checkmarx suffers a second supply chain attack in a month, resulting in hackers injecting credential-stealing malware into ...
Dark Reading

Malicious or Vulnerable Docker Images Widespread, Firm Says

More than half of the latest images available on Docker Hub have critical vulnerabilities from outdated software, while thousands of images are attack tools or other potentially dangerous software, ...
Threat Post

Malicious Docker Cryptomining Images Rack Up 20M Downloads

Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers. At least 30 malicious images in Docker Hub, with a collective 20 million downloads, have been used ...
Bleeping Computer

17 Backdoored Docker Images Removed From Docker Hub

The Docker team has pulled 17 Docker container images that have been backdoored and used to install reverse shells and cryptocurrency miners on users' servers for the past year. The malicious Docker ...