Plugin Tampering: A Growing Threat
Checkmarx confirmed a tampered version of its Jenkins AST plugin was published to the Jenkins Marketplace. The incident occurred weeks after a supply chain attack on KICS. Users are advised to check their plugin version, with 2.0.13-829.vc72453fa_1c16 being the last safe release.
The Checkmarx Jenkins AST plugin is used for application security testing. A modified version was uploaded, potentially exposing users to security risks. Checkmarx urged users to verify their plugin version, ensuring it's from December 17, 2025, or earlier.
The incident highlights the vulnerability of the software supply chain. Attackers are increasingly targeting plugins and integrations to gain access to sensitive systems. The Checkmarx plugin is widely used, making this a significant security concern.
Can Plugin Security be Guaranteed?
Checkmarx stated that users should be cautious when updating plugins, as malicious actors may exploit this process. The company is working to prevent similar incidents in the future.
The recent KICS supply chain attack and the Checkmarx plugin incident raise questions about the security of the software development ecosystem. As plugins and integrations become more prevalent, the risk of tampering grows.
The consequences of such incidents can be severe, with potential data breaches and system compromises. Users must remain vigilant, monitoring their plugin versions and reporting suspicious activity.
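The version check described above can be scripted. The following is an added example, not code from Checkmarx or the Jenkins project: it reads the Plugin-Version attribute from the manifest inside an installed plugin archive (.jpi or .hpi) and compares it with the last safe release named in this article. The function names, the "review"/"ok" labels, the sample archive and the assumption that versions follow a `<x.y.z>-<build>.v<hash>` scheme are all illustrative.

```python
import io
import re
import zipfile

LAST_SAFE = "2.0.13-829.vc72453fa_1c16"  # last safe release named in the article


def read_manifest(jpi_bytes):
    """Main attributes of META-INF/MANIFEST.MF inside a .jpi/.hpi archive."""
    with zipfile.ZipFile(io.BytesIO(jpi_bytes)) as zf:
        text = zf.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
    attrs, key = {}, None
    for line in text.splitlines():
        if not line:
            break  # a blank line ends the main section
        if line.startswith(" ") and key:
            attrs[key] += line[1:]  # long manifest lines wrap with a leading space
        elif ": " in line:
            key, value = line.split(": ", 1)
            attrs[key] = value
    return attrs


def version_key(version):
    """(major, minor, patch, build) from '<x.y.z>-<build>.v<hash>' (assumed scheme)."""
    m = re.match(r"(\d+(?:\.\d+){0,2})(?:-(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    return tuple(nums + [0] * (3 - len(nums)) + [int(m.group(2) or 0)])


def check_plugin(jpi_bytes, last_safe=LAST_SAFE):
    """Return (version, status); 'review' = newer than, or a mismatch of, last_safe."""
    installed = read_manifest(jpi_bytes).get("Plugin-Version", "")
    try:
        cur, safe = version_key(installed), version_key(last_safe)
    except ValueError:
        return installed, "review"  # missing or unparseable version
    suspect = cur > safe or (cur == safe and installed != last_safe)
    return installed, ("review" if suspect else "ok")


def make_sample_jpi(version):
    """Constructed test archive: a zip holding only a manifest (not a real plugin)."""
    manifest = f"Manifest-Version: 1.0\r\nShort-Name: example-plugin\r\nPlugin-Version: {version}\r\n\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", manifest)
    return buf.getvalue()
```

To check a real installation, pass the bytes of the plugin archive from the Jenkins plugins directory to check_plugin; a "review" result means the installed version is newer than, or does not exactly match, the last safe release and should be compared against the vendor's advisory.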
Frequently Asked Questions
What is the safe version of the Checkmarx Jenkins AST plugin? The last safe release is 2.0.13-829.vc72453fa_1c16. Users should verify that their installed plugin version is from December 17, 2025, or earlier.
How can users protect themselves from plugin tampering? Users should be cautious when updating plugins and monitor their versions regularly. They should also report any suspicious activity to the plugin developers.
What are the potential consequences of plugin tampering? Plugin tampering can lead to data breaches, system compromises, and other security incidents, potentially causing significant financial and reputational damage.