top of page
perceptive_background_267k.jpg

Checkmarx KICS GitHub Action Compromised: Malware Injected in All Git Tags

Published:

24 maart 2026 om 14:17:24

Alert date:

24 maart 2026 om 15:05:59

Source:

stepsecurity.io

Click to open the original link from this advisory

Supply Chain & Dependencies, Security Tools

The Checkmarx KICS GitHub Action repository has been compromised with malware injected into all release tags. An infostealer payload was embedded in the Checkmarx/kics-github-action repository affecting all version tags. Organizations using this Action pinned to any version tag should immediately treat their CI/CD secrets as compromised. This represents a significant supply chain attack targeting development and security workflows. Immediate secret rotation is required for all affected environments. The compromise affects the popular security scanning tool used in CI/CD pipelines.

Technical details

Mitigation steps:

Affected products:

Checkmarx KICS GitHub Action

Related links:

https://www.stepsecurity.io/blog/checkmarx-kics-github-action-compromised-malware-injected-in-all-git-tags

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page