Get a Pentest and security assessment of your IT network.

Cyber Security

Popular Codecov code coverage tool hacked to steal dev credentials

Codecov says a threat actor modified its Bash Uploader script, exposing sensitive information in customers continuous integration (CI) environment. The company learned of the compromise on April 1st but the investigation determined that the first signs of this software supply-chain attack occurred in late January. Atlassian, Washington Post, GoDaddy, Royal Bank of Canada, and Procter & Gamble are among those affected by the compromise. The incident occurred despite the security policies, procedures, practices, and controls it had set up.

Source: https://www.bleepingcomputer.com/news/security/popular-codecov-code-coverage-tool-hacked-to-steal-dev-credentials/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation