Cloud communications company Twilio has now disclosed that it was impacted by the recent Codecov supply-chain attack in a small capacity. As reported by BleepingComputer last month, popular code coverage tool Codecov had been a victim of a supply chain attack that lasted for two months. A small number of customer email addresses were exposed in one GitHub repository, and a user token had been exposed. Twilia has also taken steps to detect such incidents in the future, such as scanning GitHub pull requests in real-time to spot any exposed secrets.
Source: https://www.bleepingcomputer.com/news/security/twilio-discloses-impact-from-codecov-supply-chain-attack/