VDB

GCVE-110-OSM-2026-538

GCVE-110-OSM-2026-538
Advisory PublishedCVSS 9.6/10
Vulnetix · Advisory published March 23, 2026
Legitimate Checkmarx ast-results OpenVSX extension (v2.53.0, ~36,000 downloads) compromised on March 23, 2026 as part of the TeamPCP supply-chain campaign. Published by hijacked ast-phoenix account at 12:53 UTC via compromised cx-plugins-releases service account (GitHub ID 225848595). Contains environmentAuthChecker.js that detects cloud credentials on activation, then downloads checkmarx-util-1.0.4.tgz from checkmarx.zone containing a comprehensive credential stealer targeting GitHub PATs, AWS/GCP/Azure credentials, K8s tokens, SSH keys, Docker creds, crypto wallets, and .env files. Exfiltrates encrypted bundles to checkmarx.zone/vsx; falls back to creating docs-tpcp repo via victim GITHUB_TOKEN. === STAGE 1: environmentAuthChecker.js === SHA256: 527f795a201a6bc114394c4cfc1c74dce97381989f51a4661aafbc93a4439e90 Activates on extension startup. Checks for credentials from GitHub, AWS, GCP, Azure. If credentials detected, proceeds to Stage 2. === STAGE 2: checkmarx-util-1.0.4.tgz === SHA256: 0d66d8c7e02574ff0d3443de0585af19c903d12466d88573ed82ec788655975c Downloaded from: checkmarx.zone/static/checkmarx-util-1.0.4.tgz Execution via npx, bunx, pnpx, or yarn dlx Contains scand() function — comprehensive credential stealer === CREDENTIAL HARVESTING TARGETS === GitHub PATs and tokens AWS credentials (including IMDS at 169.254.169.254) GCP access tokens Azure credentials Kubernetes service account tokens SSH keys Docker registry credentials Cryptocurrency wallets Slack/Discord webhook URLs .env files and shell history === EXFILTRATION === Primary: POST to checkmarx.zone/vsx Content-Type: application/octet-stream X-Filename: tpcp.tar.gz Encryption: AES-256-CBC with RSA-4096 public key (same key across all TeamPCP phases) Fallback: Creates docs-tpcp repo via victim GITHUB_TOKEN, uploads as release asset === PERSISTENCE (non-CI only) === Systemd user service polling https://checkmarx.zone/raw every 50 minutes Kill switch: aborts if response contains "youtube" === FILE HASHES === ast-results 2.53.0 VSIX: 65bd72fcddaf938cefdf55b3323ad29f649a65d4ddd6aea09afa974dfc7f105d environmentAuthChecker.js: 527f795a201a6bc114394c4cfc1c74dce97381989f51a4661aafbc93a4439e90 checkmarx-util-1.0.4.tgz: 0d66d8c7e02574ff0d3443de0585af19c903d12466d88573ed82ec788655975c === C2 INFRASTRUCTURE === checkmarx.zone → 83.142.209.11 (Ghosty Networks LLC, Luxembourg, AS205759) Havoc C2: 45.148.10.212 (TECHOFF SRV LIMITED, Netherlands, AS48090) Backup C2: 46.151.182.203 (Ghosty Networks LLC, cert CN=models.litellm.cloud) === EXPOSURE WINDOW === Published: 2026-03-23 12:53 UTC by ast-phoenix account Removed: 2026-03-23 15:41 UTC (~13 hours exposure) Safe version: >= 2.56.0

Weaknesses (CWE)

CWE-506Embedded Malicious Code

Risk Scores

CVSS 3.1
9.6/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
unknownast-resultsall (affected)
unknowncudra-production.vsce-prettier-proall (affected)
unknowncua-primitives-serverall (affected)
unknownty-config-providerall (affected), all (affected), all (affected), all (affected), all (affected), * (affected)
unknownjsonify-builderall (affected), all (affected), all (affected), * (affected), all (affected), all (affected), all (affected), all (affected), * (affected)

Browse GCVE Records

73,734 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›