Hackers have compromised Docker images, VSCode and Open VSX extensions for the Checkmarx KICS analysis tool to harvest sensitive data from developer environments. [...]
New Checkmarx supply-chain breach affects KICS analysis tool
Summary + source link. No paywalls, no tracking.