
Checkmarx Plugin Compromised with Infostealer in Supply-Chain Attack


"Checkmarx fails to rotate secrets again. With love - TeamPCP."

TeamPCP’s claim and the wider spree of supply‑chain attacks

The message above, which the attacker left in the plugin's "about" section, accompanies a claim by the TeamPCP hacker group that it published a rogue version of Checkmarx's Jenkins Application Security Testing (AST) plugin to the Jenkins Marketplace. TeamPCP has been linked to a string of supply-chain attacks, including the Shai-Hulud campaigns on npm and the Trivy vulnerability scanner breach, all of which delivered credential-stealing malware.

Offensive security engineer Adnand Khan stated that TeamPCP gained access to Checkmarx's GitHub repositories and backdoored the Jenkins AST plugin to deliver credential‑stealing malware.

How the Jenkins AST plugin was altered and identified

On Saturday, May 9, a rogue plugin version labeled 2026.5.09 was uploaded to repo.jenkins-ci.org. Checkmarx says the upload bypassed the plugin's release pipeline and contained malicious code. It also broke with the plugin's usual release mechanics: it had no corresponding git tag or GitHub release, and its date-style version number does not match the scheme used by the plugin's official releases (compare the legitimate 2.0.13-829.vc72453fa_1c16).

Checkmarx alerted users: “We are aware that a modified version of the Checkmarx Jenkins AST plugin was published to the Jenkins Marketplace. We are in the process of publishing a new version of this plug-in.” The company advised users to ensure they are using version 2.0.13-829.vc72453fa_1c16 of the plugin published on December 17, 2025, or an older one.

From Trivy credentials to malicious artifacts across GitHub, Docker and VSCode

A company spokesperson confirmed to BleepingComputer that the threat actor obtained credentials to Checkmarx's repositories from the Trivy supply‑chain attack in March. Using credentials stolen in that Trivy incident, the hackers published modified versions of multiple developer tools on GitHub, Docker, and VSCode that included info‑stealing code.

The attackers reportedly maintained access to Checkmarx's GitHub environment for at least a month. During that period they published a malicious version of Checkmarx’s KICS analysis tool on Docker, Open VSX, and VSCode that harvested data from developer environments. In late April, the company also confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository.

What this means for Checkmarx customers, security teams, and developers

  • Checkmarx customers: The company says its GitHub repositories are isolated from its customer production environment and that no customer data is stored in the GitHub repository. Nonetheless, Checkmarx recommends assuming compromise for anyone who downloaded the malicious plugin: rotate all secrets and investigate for lateral movement or persistence.
  • Security teams and defenders: Checkmarx has published a set of malicious artifacts that defenders can use as indicators of compromise (IoCs) on their environments. The company also says it has communicated with customers and will provide updates via the Support Portal and Security Updates sections.
  • Developers and build‑pipeline maintainers: Anyone using the Jenkins AST plugin should confirm they are on version 2.0.13-829.vc72453fa_1c16 (or older) and should follow Checkmarx guidance to rotate credentials and audit developer environments if they installed the 2026.5.09 upload.
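The version check in the list above can be automated against the plugin inventory Jenkins exposes at `<JENKINS_URL>/pluginManager/api/json?depth=1`. The script below is an added example written for this page; it is not Checkmarx's tooling or part of the original story. It assumes the plugin's short name is `checkmarx-ast-scanner` (confirm this in your own instance), treats the advisory's version numbers as given, and uses a constructed JSON sample in place of a live API response. It flags the 2026.5.09 upload as hostile, passes the advisory's last known-good version or older incrementals-style versions, and sends anything that does not fit the plugin's official release scheme to manual review rather than silently passing it.

```python
import json
import re
from typing import Dict, List, Optional, Tuple

# Plugin ID as it appears under "shortName" in the Jenkins plugin manager API.
# Assumption: the Checkmarx AST plugin is published as "checkmarx-ast-scanner";
# verify this against your own instance before relying on it.
CHECKMARX_AST_SHORTNAME = "checkmarx-ast-scanner"

# Last known-good version and rogue upload, both as named in Checkmarx's advisory.
LAST_GOOD_VERSION = "2.0.13-829.vc72453fa_1c16"
ROGUE_VERSION = "2026.5.09"

# Legitimate releases of the plugin use Jenkins' incrementals scheme:
#   <major>.<minor>.<patch>-<build>.v<git hash, with "_" inserted>
# The rogue upload used a bare date-style string instead, which this regex rejects.
OFFICIAL_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)\.v[0-9a-f_]+$")


def parse_official_version(version: str) -> Optional[Tuple[int, ...]]:
    """Return (major, minor, patch, build) for a version in the official scheme, else None."""
    m = OFFICIAL_VERSION_RE.match(version)
    if not m:
        return None
    return tuple(int(g) for g in m.groups())


LAST_GOOD_TUPLE = parse_official_version(LAST_GOOD_VERSION)
assert LAST_GOOD_TUPLE == (2, 0, 13, 829)


def classify_version(version: str) -> str:
    """Classify an installed Checkmarx AST plugin version against the advisory."""
    if version == ROGUE_VERSION:
        # The 2026.5.09 upload: assume compromise, rotate secrets, hunt for persistence.
        return "HOSTILE"
    parsed = parse_official_version(version)
    if parsed is None:
        # Not in the plugin's release scheme at all (for example another date-style string).
        return "SUSPICIOUS"
    if parsed <= LAST_GOOD_TUPLE:
        # The advisory's last known-good version, or an older official release.
        return "OK"
    # Newer than the advisory's baseline: confirm it is Checkmarx's clean re-release.
    return "REVIEW"


def audit_plugins(plugin_manager_json: str) -> List[Dict[str, str]]:
    """Audit GET <JENKINS_URL>/pluginManager/api/json?depth=1 output for the Checkmarx AST plugin."""
    data = json.loads(plugin_manager_json)
    findings: List[Dict[str, str]] = []
    for plugin in data.get("plugins", []):
        if plugin.get("shortName") != CHECKMARX_AST_SHORTNAME:
            continue
        version = str(plugin.get("version", ""))
        findings.append(
            {"shortName": CHECKMARX_AST_SHORTNAME, "version": version, "verdict": classify_version(version)}
        )
    if not findings:
        findings.append({"shortName": CHECKMARX_AST_SHORTNAME, "version": "", "verdict": "NOT_INSTALLED"})
    return findings


# Constructed sample standing in for a real pluginManager API response
# (an instance that pulled the rogue upload).
SAMPLE_PLUGIN_MANAGER_JSON = json.dumps(
    {
        "plugins": [
            {"shortName": "git", "version": "5.7.0", "enabled": True},
            {"shortName": CHECKMARX_AST_SHORTNAME, "version": "2026.5.09", "enabled": True},
        ]
    }
)

if __name__ == "__main__":
    for finding in audit_plugins(SAMPLE_PLUGIN_MANAGER_JSON):
        print(f"{finding['shortName']} {finding['version'] or '-'}: {finding['verdict']}")
```

To run it against a live controller, fetch the JSON with an API token (for example `curl -u user:token "$JENKINS_URL/pluginManager/api/json?depth=1"`) and pass the body to `audit_plugins`. The conservative choice here is that any version outside the incrementals scheme lands in SUSPICIOUS, so very old pre-incrementals releases will be flagged for a human to look at rather than passed automatically; a HOSTILE or SUSPICIOUS verdict should trigger the advisory's response steps (rotate secrets, hunt for lateral movement and persistence, run the published IoCs).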

Company statements, mitigation steps, and lingering unknowns

A Checkmarx spokesperson summarized the situation: “As a result of that access, the attackers were able to interact with Checkmarx’s GitHub environment and subsequently publish malicious code to certain artifacts.” The company also said it has communicated with customers throughout the process and will continue to provide relevant updates as more information becomes available.

While Checkmarx has not shared technical details about what the rogue Jenkins plugin does on infected systems, its public advice is clear: assume credentials are compromised, rotate secrets, investigate for lateral movement or persistence, and use the published malicious artifacts as IoCs to scan environments. Checkmarx additionally said it is in the process of publishing a new, presumably clean, plugin version.

The immediate facts leave one concrete imperative: organizations that use Checkmarx tools or the affected Jenkins plugin must treat the 2026.5.09 upload as hostile, validate the plugin version in their pipelines, rotate any secrets that could have been exposed, and use the artifacts provided by Checkmarx to hunt for signs of compromise.
