TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

thehackernews.com·May 11, 2026

Checkmarx announced that a modified version of the Jenkins AST plugin is available on the Jenkins Marketplace, advising users to ensure they are on version 2.0.13-829.vc72453fa_1c16 or earlier, published on December 17, 2025.

Ensure that your organization is using the correct version of the Checkmarx Jenkins AST plugin—specifically version 2.0.13-829.vc72453fa_1c16 or earlier—to avoid potential security risks from the modified plugin. This immediate action will help maintain the integrity of your continuous integration and delivery processes within the Jenkins environment.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Want more content like this?

More from Cybersecurity News

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and Android

Linux bitten by second severe vulnerability in as many weeks

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation