Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain
EXECUTIVE SUMMARY
Malicious Docker Images Compromise Checkmarx Supply Chain
Summary
Cybersecurity researchers have identified malicious Docker images in the "checkmarx/kics" repository on Docker Hub. The images, pushed by unknown threat actors, overwrote existing tags and added unauthorized version tags.
Key Points
- Malicious images were pushed to the "checkmarx/kics" Docker Hub repository.
- Threat actors overwrote existing tags such as v2.1.20 and alpine.
- A new tag, v2.1.21, was introduced without an official release.
- The alert was published by the software supply chain security company Socket.
Analysis
The introduction of malicious Docker images into the Checkmarx supply chain represents a significant security threat, because anyone pulling the affected tags could deploy compromised software into production environments. The incident highlights how exposed software supply chains are to tampering with mutable image tags, and the need for rigorous monitoring and validation of third-party components.
Conclusion
IT professionals should immediately verify the integrity of Docker images from the "checkmarx/kics" repository and ensure that only verified versions are used. Implementing robust supply chain security measures and continuous monitoring can mitigate such threats.
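The verification the conclusion calls for can be automated: keep a known-good snapshot of each tag's content digest, pin deployments to digests rather than mutable tags, and compare the registry's current tag-to-digest mapping against the snapshot so that an overwritten tag or a tag with no matching release is flagged. The following Python is an added example, not code from Socket, Checkmarx or the summary above; the digests are constructed placeholders, the tag set mirrors only the pattern described (two tags re-pushed, one new tag), and the helper names are hypothetical.

```python
"""Detect tag tampering in a container repository by comparing a known-good
tag -> digest snapshot against the currently observed one.

Added example; the digests below are constructed placeholders (not the real
checkmarx/kics values) and the helper names are hypothetical. In practice the
observed map is taken from the registry's manifest API or from
`docker buildx imagetools inspect <repo>:<tag>`; here it is embedded so the
script runs offline.
"""
import re
from dataclasses import dataclass

DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")


@dataclass
class TagDrift:
    overwritten: dict  # tag -> (pinned_digest, observed_digest)
    unexpected: list   # tags present upstream that match no official release
    missing: list      # pinned tags that have disappeared upstream

    def is_clean(self) -> bool:
        return not (self.overwritten or self.unexpected or self.missing)


def is_valid_digest(digest: str) -> bool:
    """A registry content digest is 'sha256:' followed by 64 lowercase hex digits."""
    return bool(DIGEST_RE.match(digest))


def parse_repo_digest(ref: str) -> tuple:
    """Split 'repo@sha256:...' (the RepoDigests form shown by `docker image inspect`)
    into (repo, digest), rejecting malformed digests."""
    repo, sep, digest = ref.partition("@")
    if not sep or not is_valid_digest(digest):
        raise ValueError(f"not a digest reference: {ref!r}")
    return repo, digest


def detect_tag_drift(pinned: dict, observed: dict, official_tags: set) -> TagDrift:
    """Compare the last-verified tag->digest map with the current one.

    A tag whose digest changed was re-pushed (tags are mutable, digests are not);
    a tag upstream that is absent from the official release list is unexpected."""
    overwritten = {
        tag: (digest, observed[tag])
        for tag, digest in pinned.items()
        if tag in observed and observed[tag] != digest
    }
    unexpected = sorted(tag for tag in observed if tag not in official_tags)
    missing = sorted(tag for tag in pinned if tag not in observed)
    return TagDrift(overwritten, unexpected, missing)


def pin_by_digest(repo: str, tag: str, pinned: dict) -> str:
    """Turn a mutable tag into an immutable reference for Dockerfiles and CI."""
    return f"{repo}@{pinned[tag]}"


# Constructed snapshot of what was last verified (placeholder digests).
PINNED = {
    "v2.1.20": "sha256:" + "a" * 64,
    "alpine": "sha256:" + "b" * 64,
    "latest": "sha256:" + "c" * 64,
}
OFFICIAL_TAGS = {"v2.1.20", "alpine", "latest"}

# Constructed snapshot mirroring the pattern in the summary: two existing tags
# now resolve to different digests, and a tag appears that has no release.
OBSERVED = {
    "v2.1.20": "sha256:" + "d" * 64,
    "alpine": "sha256:" + "e" * 64,
    "latest": "sha256:" + "c" * 64,
    "v2.1.21": "sha256:" + "f" * 64,
}

if __name__ == "__main__":
    drift = detect_tag_drift(PINNED, OBSERVED, OFFICIAL_TAGS)
    for tag, (was, now) in drift.overwritten.items():
        print(f"OVERWRITTEN {tag}: {was[:19]}... -> {now[:19]}...")
    for tag in drift.unexpected:
        print(f"UNEXPECTED  {tag}: no matching official release")
    for tag in drift.missing:
        print(f"MISSING     {tag}")
    print("pinned reference for CI:", pin_by_digest("checkmarx/kics", "latest", PINNED))
```

The snapshot comparison is only as good as the pinned map, so the known-good digests should be recorded from an official release and stored outside the registry being checked; the digest-pinned reference produced by `pin_by_digest` is what belongs in Dockerfiles and pipeline definitions, since a re-pushed tag cannot change what a digest resolves to.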