• Home
  • About
  • Locations
logologologologo
  • Plan
    • vCISO
    • Policies & Procedures
    • Strategy & Security Program Creation
    • Risk Management
  • Attack
    • Penetration Testing
    • PTaaS
    • Red Teaming
    • Web Application Penetration Testing
    • Mobile Application Penetration Testing
    • IOT Penetration Testing
  • Defend
    • Office 365 Security
    • HIPAA Compliance
    • PCI Compliance
    • Code Reviews
    • Blockchain Security Analysis
    • Vulnerability Assessments
  • Recover
    • Ransomware Recovery
    • Expert Witness
    • Forensics
  • Learn
    • Resources
    • Penetration Testing Training
    • Blog
  • Contact Us
  • Instant Quote
✕

TeamPCP Compromises Checkmarx Jenkins Plugin in Supply Chain Attack

May 12, 2026

Meta Description

TeamPCP reportedly compromised the Checkmarx Jenkins plugin, raising concerns over CI/CD supply chain security and plugin trust integrity.

Introduction

Security tools are supposed to protect software pipelines.

They scan code. They inspect dependencies. They check infrastructure-as-code. They help teams detect vulnerabilities before attackers do.

But when attackers compromise the tools trusted by developers and CI/CD systems, the security model changes completely.

That is why the TeamPCP compromise of the Checkmarx Jenkins AST plugin is so serious.

Checkmarx confirmed that a modified version of its Jenkins AST plugin was published to the Jenkins Marketplace. The incident follows a wider series of TeamPCP-linked supply chain attacks involving Checkmarx-related developer artifacts, GitHub Actions workflows, and OpenVSX plugins.

The risk is not just that one plugin was altered.

The deeper issue is that CI/CD security tools often run in privileged environments. They may have access to repository credentials, cloud secrets, build tokens, deployment keys, Kubernetes credentials, package registry tokens, and sensitive source code.

If a compromised plugin runs inside Jenkins, it may expose secrets that attackers can use to move deeper into development and production systems.

There is no confirmed CVE behind this incident.

The weakness is software supply chain trust.

For organizations, the message is clear:

A trusted security plugin can become an attacker’s credential collection point if the supply chain is compromised.

What Happened

Checkmarx confirmed that a modified version of the Checkmarx Jenkins AST plugin was published to the Jenkins Marketplace.

The company advised users to ensure they were using a safe earlier version while remediation was underway. A newer version was later listed on GitHub and the Jenkins Marketplace.

The incident is connected to a broader pattern of TeamPCP activity targeting security and developer tooling.

In prior related incidents, Checkmarx confirmed that its environment was impacted through a supply chain incident originating from the earlier Trivy attack. The company also reported that certain Checkmarx-related artifacts distributed through third-party channels were affected.

Those earlier affected artifacts included:

  • Checkmarx-related OpenVSX extensions
  • Checkmarx AST GitHub Action
  • Checkmarx KICS GitHub Action

The malicious activity in those incidents focused on credential and secret collection from developer and CI/CD environments.

The Jenkins AST plugin incident continued that same pattern.

Attackers are not randomly targeting end-user devices.

They are targeting the development and security infrastructure that organizations trust to build and protect software.

According to public reporting, TeamPCP gained unauthorized access to the plugin’s GitHub repository, defaced it, and published a modified plugin version. The repository was reportedly renamed with a message taunting Checkmarx and suggesting that secrets had not been fully rotated.

That point is important because a repeat incident shortly after a previous supply chain compromise may indicate incomplete remediation, retained attacker access, or re-entry through credentials that were not fully revoked.

The full technical publication path has not been completely disclosed publicly, so organizations should avoid making unsupported assumptions about the exact method used to push the modified plugin.

The confirmed risk remains clear:

A security plugin trusted by Jenkins users was modified and made available through a trusted marketplace channel.

Why This Issue Is Critical

This issue is critical because Jenkins plugins can operate inside extremely sensitive environments.

Jenkins is often connected to:

  • Source code repositories
  • Build systems
  • Deployment workflows
  • Cloud accounts
  • Container registries
  • Kubernetes clusters
  • Package registries
  • Artifact repositories
  • Secrets managers
  • Production release processes

A compromised Jenkins plugin can create serious exposure because it may run where secrets already exist.

Attackers do not need to compromise production directly if they can compromise the pipeline that deploys to production.

That is why CI/CD supply chain attacks are so dangerous.

They target the systems that move code from development to release.

A modified plugin could potentially expose:

  • GitHub tokens
  • Jenkins credentials
  • Cloud keys
  • Kubernetes configuration data
  • SSH keys
  • Docker registry credentials
  • Package publishing tokens
  • Repository secrets
  • Environment variables
  • Build artifacts
  • Source code
  • Deployment credentials

Even if the plugin does not directly compromise production, stolen credentials may allow attackers to access other systems later.

This is why organizations must treat CI/CD plugin compromise as a potential credential theft event, not just a software update issue.

What Caused the Issue

The public reporting does not fully confirm the exact technical path used to publish the modified Jenkins AST plugin.

However, the incident fits a broader TeamPCP pattern involving compromised developer tooling, stolen credentials, and supply chain abuse.

Several risk factors likely contributed to the overall exposure.

Supply Chain Trust Abuse

Organizations trust Jenkins Marketplace plugins because they appear to come from known vendors and legitimate distribution channels.

Attackers abuse that trust by modifying trusted artifacts rather than creating obviously suspicious tools.

CI/CD Credential Exposure

Jenkins and similar platforms often store or access powerful credentials.

If a plugin runs in that environment, attackers may be able to reach secrets that are not available on normal endpoints.

Developer Tooling Compromise

TeamPCP has repeatedly targeted developer and security tools because those tools sit close to secrets, source code, and build workflows.

Possible Incomplete Remediation

Public reporting noted that a second incident soon after the prior Checkmarx supply chain compromise raised concerns about whether earlier remediation fully removed access or rotated all affected credentials.

This should be treated as a lesson for all organizations.

After a supply chain incident, partial secret rotation is not enough.

Marketplace Distribution Risk

Third-party marketplaces help users find and install tools quickly.

But if malicious versions reach those channels, trusted distribution becomes a risk amplifier.

Weak Pipeline Isolation

If Jenkins jobs run with broad credentials or excessive permissions, a compromised plugin may have greater access than necessary.

How the Attack Chain Works

This incident follows a supply chain compromise pattern focused on trusted CI/CD tooling.

Tool Trust Establishment

An organization uses Jenkins and installs the Checkmarx Jenkins AST plugin to support application security testing in CI/CD workflows.

The plugin is trusted because it is associated with a known security vendor.

Plugin Modification

Attackers gain a path to modify or publish a malicious version of the plugin.

The exact publication path has not been fully disclosed publicly.

Marketplace Exposure

The modified plugin becomes available through a trusted plugin distribution channel.

Administrators or automated update processes may install or update to the affected version.

Pipeline Execution

The plugin runs inside Jenkins as part of a build or security scan workflow.

At this point, the plugin may have access to environment variables, pipeline secrets, repository metadata, credentials, and build context.

Credential Collection Risk

A malicious payload can attempt to collect secrets from the Jenkins environment.

This may include cloud credentials, GitHub tokens, Jenkins secrets, Kubernetes credentials, Docker credentials, SSH keys, package tokens, and other sensitive data.

Exfiltration Risk

Collected data may be sent to attacker-controlled infrastructure or staged through fallback mechanisms.

In related TeamPCP incidents, attackers used vendor-themed infrastructure and backup exfiltration paths.

Follow-On Compromise

Stolen credentials can enable attackers to access repositories, cloud platforms, containers, CI/CD workflows, or production deployment paths.

Persistence and Re-Entry

If all exposed credentials are not rotated, attackers may retain access even after the malicious plugin is removed.

This is why cleanup must include full credential review and pipeline trust restoration.

Why This Incident Matters for Cybersecurity

This incident matters because it shows that security tools are now high-value supply chain targets.

Attackers understand that security scanners, CI/CD plugins, GitHub Actions, VS Code extensions, and package managers often run where sensitive secrets exist.

Compromising a developer’s laptop is useful.

Compromising a CI/CD security tool can be even more powerful.

That tool may run across many repositories, many builds, many branches, and many environments.

It may also be trusted by default.

The TeamPCP campaign shows a clear attacker strategy:

Target the tools that developers and security teams trust most.

This creates a difficult problem.

Organizations cannot simply stop using security tools.

They need them.

But they must treat those tools as part of the attack surface.

That means security tools need:

  • Version control
  • Provenance validation
  • Least privilege
  • Change review
  • Network egress controls
  • Secrets isolation
  • Runtime monitoring
  • Vendor incident response visibility
  • Strong update governance

A compromised security plugin is not an edge case anymore.

It is part of the modern supply chain threat model.

Common Risks Highlighted by the Incident

The Checkmarx Jenkins AST plugin compromise highlights several major risks.

CI/CD Credential Theft

Build pipelines often hold powerful secrets.

A malicious plugin can potentially collect credentials from the environment where it runs.

Trusted Plugin Abuse

A plugin associated with a known vendor can be more dangerous than unknown malware because users are less suspicious.

Marketplace Supply Chain Risk

Official-looking marketplace distribution can make malicious versions easier to install at scale.

Security Tool Compromise

Tools designed to protect software can become attacker delivery mechanisms if their supply chain is compromised.

Incomplete Secret Rotation

If credentials from a prior incident are not fully rotated, attackers may retain access or regain entry.

Excessive Jenkins Permissions

Plugins and jobs often run with broad access.

Overprivileged Jenkins environments increase blast radius.

Weak Egress Controls

If CI/CD runners can freely reach the internet, malicious plugins can exfiltrate secrets more easily.

Pipeline Visibility Gaps

Many organizations do not monitor plugin behavior, outbound traffic, or secret access inside CI/CD jobs closely enough.

Potential Impact on Organizations

The impact of a compromised Jenkins security plugin can be severe.

Organizations may face:

  • Jenkins credential theft
  • GitHub token exposure
  • Cloud key exposure
  • Kubernetes secret exposure
  • Docker registry credential theft
  • SSH key exposure
  • Source code theft
  • Build artifact tampering
  • CI/CD pipeline compromise
  • Unauthorized deployment access
  • Package publishing abuse
  • Repository compromise
  • Cloud environment compromise
  • Production access risk
  • Customer-impacting supply chain exposure
  • Incident response costs
  • Regulatory and legal exposure
  • Loss of trust in development workflows

The most dangerous scenario is not just plugin compromise.

It is credential reuse after plugin compromise.

If attackers steal tokens and those tokens remain valid, they may continue operating long after the affected plugin version is removed.

That is why remediation must include secret rotation, not only plugin rollback.

What Organisations Should Do Now

Organizations using the Checkmarx Jenkins AST plugin should respond quickly and carefully.

Recommended actions include:

  • Identify all Jenkins instances using the Checkmarx Jenkins AST plugin
  • Confirm the installed plugin version across every Jenkins controller and agent
  • Move to a confirmed safe version recommended by the vendor
  • Disable automatic plugin updates until versions are verified
  • Review plugin update history for suspicious installation windows
  • Review Jenkins job logs during the affected period
  • Review outbound network traffic from Jenkins controllers and agents
  • Rotate Jenkins credentials accessible to affected jobs
  • Rotate GitHub tokens exposed to Jenkins
  • Rotate cloud credentials used by Jenkins
  • Rotate Kubernetes credentials and configuration material used in pipelines
  • Rotate Docker registry credentials used in builds
  • Rotate SSH keys exposed to Jenkins jobs
  • Review package publishing tokens used in pipelines
  • Search for unauthorized repository activity after the exposure window
  • Review cloud audit logs for suspicious activity
  • Review Jenkins administrative accounts and API tokens
  • Restrict Jenkins egress to approved destinations
  • Require manual review for security plugin updates
  • Treat any affected Jenkins environment as potentially exposed until validated

Organizations should also review whether Jenkins jobs expose too many secrets to plugins.

A plugin should not have access to every credential in the environment.

Least privilege must apply inside CI/CD pipelines too.

Detection and Monitoring Strategies

Detection should focus on plugin integrity, Jenkins behavior, credential access, outbound traffic, and post-compromise activity.

Security teams should monitor for:

  • Unexpected Jenkins plugin updates
  • Checkmarx Jenkins AST plugin version changes
  • Jenkins jobs running during affected plugin windows
  • New outbound connections from Jenkins controllers
  • New outbound connections from Jenkins build agents
  • Unusual DNS queries from CI/CD infrastructure
  • Jenkins environment variables accessed unexpectedly
  • Secrets exposed in build logs
  • Suspicious archive creation during builds
  • Large outbound transfers from Jenkins
  • New or modified Jenkins credentials
  • New Jenkins API tokens
  • New Jenkins administrative users
  • Modified build scripts
  • Unexpected GitHub API activity
  • New GitHub repositories or artifacts created by CI tokens
  • Unusual cloud API calls from Jenkins identities
  • Kubernetes API activity from CI/CD service accounts
  • Docker registry logins from unusual locations
  • Package publishing activity outside normal release windows

Security teams should correlate:

  • Jenkins logs
  • Plugin update logs
  • Build job logs
  • GitHub audit logs
  • Cloud provider audit logs
  • Kubernetes audit logs
  • Docker registry logs
  • Network proxy logs
  • DNS logs
  • SIEM alerts
  • EDR telemetry from Jenkins agents
  • Secrets manager access logs

Detection should focus on behavior.

A malicious plugin may not have an obvious malware file name.

But it still needs to run, access secrets, communicate externally, and potentially alter pipeline behavior.

Those actions can be monitored.

The Role of Incident Response Planning

This incident reinforces that CI/CD compromise requires a specialized incident response plan.

A normal endpoint malware playbook is not enough.

Jenkins incidents affect source code, build secrets, deployment workflows, cloud infrastructure, and release trust.

A strong response plan should include:

  • Immediate inventory of affected Jenkins instances
  • Plugin version validation
  • Preservation of Jenkins logs
  • Preservation of build logs
  • Identification of all credentials exposed to affected jobs
  • Secret rotation across CI/CD, cloud, GitHub, Kubernetes, Docker, and SSH
  • Review of repository activity
  • Review of cloud control plane activity
  • Review of build artifacts
  • Review of release pipelines
  • Network traffic analysis from Jenkins infrastructure
  • Validation that no unauthorized artifacts were deployed
  • Rebuild or redeploy Jenkins agents where trust is uncertain
  • Executive and legal escalation where sensitive data may be exposed
  • Communication with affected engineering teams

Incident responders should ask:

  • Which Jenkins instances had the affected plugin?
  • Which version was installed?
  • When was it installed?
  • Which jobs ran while it was installed?
  • Which credentials were available to those jobs?
  • Were secrets accessed or printed?
  • Did Jenkins connect to unusual external infrastructure?
  • Were repositories accessed unexpectedly?
  • Were cloud resources modified?
  • Were Kubernetes clusters accessed?
  • Were Docker registries accessed?
  • Were build artifacts altered?
  • Were releases produced during the exposure window?

If the organization cannot answer these questions, the incident should be treated as higher risk.

The Role of Penetration Testing

Penetration testing can help organizations understand how much damage a compromised Jenkins plugin could cause.

A traditional network scan will not answer that question.

Organizations need CI/CD-focused testing that evaluates secrets, permissions, isolation, and pipeline abuse.

A strong assessment can evaluate:

  • Jenkins plugin governance
  • Automatic plugin update controls
  • Plugin integrity validation
  • Jenkins credential scope
  • Pipeline secret exposure
  • Build agent isolation
  • Network egress restrictions
  • Access from Jenkins to GitHub
  • Access from Jenkins to cloud platforms
  • Access from Jenkins to Kubernetes
  • Docker registry permissions
  • Package publishing permissions
  • Secrets manager access
  • Logging and alerting coverage
  • Ability to detect malicious plugin behavior
  • Blast radius of a compromised plugin

A red team exercise can safely simulate the risk:

  • Introduce a controlled test plugin or controlled pipeline behavior
  • Measure which secrets are accessible
  • Test whether outbound traffic is detected
  • Simulate safe credential access attempts
  • Validate Jenkins logging
  • Review cloud and GitHub alerts
  • Test incident response escalation
  • Measure time to rotate exposed credentials

The goal is to answer a practical question:

If one trusted Jenkins plugin is compromised, what can it reach?

Penetration testing should not stop at whether Jenkins is patched.

It should test whether Jenkins is allowed to become a bridge into production.

Protection and Mitigation Measures

Organizations should strengthen CI/CD and plugin security using layered controls.

Verify Plugin Versions

Confirm that all Jenkins plugins are running safe, vendor-approved versions.

Do not assume marketplace availability means a version is safe.

Disable Automatic Updates for High-Risk Plugins

Security-critical plugins should be reviewed before updates are applied.

Automatic updates can increase exposure during supply chain incidents.

Use Least Privilege for Jenkins Credentials

Jenkins jobs should only receive the credentials required for that specific job.

Avoid broad credential availability.

Restrict Jenkins Egress

Jenkins controllers and agents should only connect to approved services.

Unexpected outbound traffic should trigger alerts.

Isolate Build Agents

Use ephemeral agents where possible.

Destroy and recreate agents after jobs to reduce persistence risk.

Monitor Plugin Changes

Alert on new plugin installs, plugin updates, plugin removals, and unexpected version changes.

Protect Secrets

Store secrets in dedicated secret management systems.

Avoid exposing long-lived credentials directly to build jobs.

Rotate Credentials After Exposure

If a compromised plugin may have run, rotate all credentials available to affected pipelines.

Assume exposure until proven otherwise.

Review CI/CD Logs

Search for suspicious outbound activity, archive creation, unusual command execution, or secret access.

Pin Trusted Versions

Pin critical CI/CD tools and plugins to validated versions.

Review changes before upgrading.

Validate Build Artifacts

Confirm that artifacts built during exposure windows were not altered or poisoned.

Harden GitHub and Cloud Access

Use fine-grained tokens, short-lived credentials, workload identity, and strong audit logging.

Run CI/CD Security Testing

Include Jenkins, GitHub, cloud credentials, Kubernetes credentials, and plugin compromise scenarios in penetration testing.

Key Takeaway

The TeamPCP compromise of the Checkmarx Jenkins AST plugin shows how dangerous CI/CD supply chain attacks have become.

Attackers are no longer only targeting applications.

They are targeting the tools used to scan, build, test, and deploy those applications.

A compromised Jenkins plugin can potentially expose credentials, repository access, cloud keys, Kubernetes secrets, Docker credentials, SSH keys, package tokens, and sensitive build context.

There is no confirmed CVE behind this incident.

The risk comes from trusted plugin distribution, developer tooling compromise, credential exposure, and incomplete remediation after prior supply chain incidents.

Organizations should verify plugin versions, review Jenkins activity, rotate exposed secrets, restrict plugin updates, harden CI/CD egress, isolate build agents, and test pipeline compromise scenarios through penetration testing.

The message is simple:

When attackers compromise the tools that protect the pipeline, the pipeline itself becomes the target.

Contact Us Now to Prepare
for Digital Warfare


      • info@digitalwarfare.com

      • +1 757-900-9968

Share
Copyright © Digital Warfare. All rights reserved.
  • Home
  • About
  • Locations