ONE Sentinel

Security / Threats / High

Official CheckMarx Jenkins package compromised with infostealer

Source: Bleeping Computer
Date: May 12, 2026

EXECUTIVE SUMMARY
EXECUTIVE SUMMARY

Compromised Checkmarx Jenkins Plugin Poses Infostealer Threat

Summary

Checkmarx has identified a compromised version of its Jenkins Application Security Testing (AST) plugin on the Jenkins Marketplace. This rogue plugin contains an infostealer, posing a significant security threat.

Key Points

  • Checkmarx discovered the compromised plugin over the weekend.
  • The rogue plugin was published on the Jenkins Marketplace.
  • The compromised version contains an infostealer, which can exfiltrate sensitive information.
  • Users of the Jenkins AST plugin are advised to verify their installations and ensure they are using legitimate versions.

Analysis

The presence of an infostealer in a widely used plugin like the Checkmarx AST plugin for Jenkins is alarming, because a CI server typically holds credentials, tokens and source code, and a malicious plugin runs with the server's own access to them. This incident highlights the importance of verifying software integrity, especially when software is sourced from third-party marketplaces. Organizations using Jenkins for application security testing should be vigilant and take immediate action to mitigate the potential risk.

Conclusion

IT professionals should immediately check their Jenkins AST plugin installations for any signs of compromise and update to a secure version if necessary. Regular audits and monitoring of third-party software can help prevent similar incidents in the future.