Checkmarx confirmed that a modified version of its Jenkins AST plugin was published to the Jenkins Marketplace, and users were advised to verify they are running the safe 2.0.13-829.vc72453fa_1c16 release or earlier. The incident is part of a wider TeamPCP campaign that has also hit Checkmarx’s KICS Docker image, VS Code extensions, GitHub Actions workflow, and the Bitwarden CLI npm package to steal developer secrets. #Checkmarx #JenkinsASTPlugin #TeamPCP #KICSDockerImage #BitwardenCLI
Key points
- Checkmarx confirmed a modified Jenkins AST plugin was published to the Jenkins Marketplace.
- Users were told to verify they use version 2.0.13-829.vc72453fa_1c16 or earlier.
- Checkmarx has released a newer version, 2.0.13-848.v76e89de8a_053, on GitHub and the Jenkins Marketplace.
- TeamPCP is linked to the attack and previously compromised Checkmarx software and workflows.
- Researchers said the group may have retained access or found gaps in Checkmarx’s remediation efforts.
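The version check from the key points, as an added example that is not code from Checkmarx or the linked article: it sorts installed plugin versions into the safe release or earlier, the newer release, or "review". The `<base>-<revision>.v<hash>` layout is an assumption inferred from the two version strings above, and the hostnames and other versions in the sample are constructed.

```python
import re

# The two version strings named on the page; everything else is this example's assumption.
SAFE_MAX = "2.0.13-829.vc72453fa_1c16"
FIXED = "2.0.13-848.v76e89de8a_053"
# Assumed layout, inferred from those two strings: <base>-<revision>.v<hash>
_VERSION = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)\.v([0-9a-f_]+)$")

def parse(version):
    """Return (base tuple, revision, hash), or None if the string does not match."""
    m = _VERSION.match(version.strip())
    if not m:
        return None
    base = tuple(int(p) for p in m.group(1).split("."))
    return base, int(m.group(2)), m.group(3)

def classify(version):
    """Return 'ok-earlier', 'ok-safe', 'ok-fixed' or 'review' for one version string."""
    parsed = parse(version)
    if parsed is None:
        return "review"  # unparseable or unexpected format: never assume safe
    safe, fixed = parse(SAFE_MAX), parse(FIXED)
    if parsed == fixed:
        return "ok-fixed"
    if parsed == safe:
        return "ok-safe"
    # Same base and revision as a named release but another hash is not that release.
    if parsed[:2] in (safe[:2], fixed[:2]):
        return "review"
    if parsed[:2] < safe[:2]:
        return "ok-earlier"  # "or earlier" per the advisory wording
    return "review"  # between the two named releases, or newer than the page covers

def audit(inventory):
    """inventory maps host -> installed version; returns hosts needing manual review."""
    return sorted(h for h, v in inventory.items() if not classify(v).startswith("ok"))

# Constructed inventory: hostnames and the versions not named on the page are made up.
SAMPLE = {
    "ci-01": "2.0.13-829.vc72453fa_1c16",
    "ci-02": "2.0.13-848.v76e89de8a_053",
    "ci-03": "2.0.13-835.v0123456789ab",
    "ci-04": "2.0.13-829.vdeadbeef0000",
    "ci-05": "2.0.12-800.vaaaaaaaaaaaa",
    "ci-06": "unknown",
}

print(audit(SAMPLE))
```

Anything classified "review" is only a prompt to inspect that controller by hand; the page does not give the version string of the modified build.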
Read More: https://thehackernews.com/2026/05/teampcp-compromises-checkmarx-jenkins.html