Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags

The Checkmarx KICS GitHub Action repository has been compromised with malware injected into all release tags. An infostealer payload was embedded across all versions of the kics-github-action repository. Organizations using any version of this GitHub Action should immediately treat their CI/CD secrets as compromised. This represents a significant supply chain attack targeting development and deployment pipelines. Immediate secret rotation is required for all affected environments. The compromise affects the entire release history of the popular security scanning tool.