Hacker News
Lobsters
- A malicious script that uploaded your environment variables to an unknown third party found at Codecov bash uploader. Please check your pipelines if you ARE or WERE using Codecov at any point! https://about.codecov.io/security-update/ 24 comments programming
- Codecov's Bash Uploader for Coverage Reports Compromised https://about.codecov.io/security-update/ 21 comments programming
Linking pages
- Backdoored developer tool that stole credentials escaped notice for 3 months | Ars Technica https://arstechnica.com/gadgets/2021/04/backdoored-developer-tool-that-stole-credentials-escaped-notice-for-3-months/ 4 comments
- Popular Codecov code coverage tool hacked to steal dev credentials https://www.bleepingcomputer.com/news/security/popular-codecov-code-coverage-tool-hacked-to-steal-dev-credentials/ 2 comments
- Federal investigators looking into breach at software code testing company Codecov - The Verge https://www.theverge.com/2021/4/18/22390379/federal-investigators-breach-software-codecov-solarwinds 1 comment
- Software Supply Chains & The Modern Challenges | by Tanmay Deshpande | ITNEXT https://itnext.io/software-supply-chains-the-modern-challenges-e2d9e1ea8f6 0 comments
- tag-security/supply-chain-security/compromises at main · cncf/tag-security · GitHub https://github.com/cncf/sig-security/tree/master/supply-chain-security/compromises 0 comments
- How to secure your Python software supply chain | by Benoît Goujon | Artefact Engineering and Data Science | Medium https://medium.com/artefact-engineering-and-data-science/how-to-secure-your-python-software-supply-chain-81490f6e4ff9 0 comments
- The rise and future of Kubernetes and open source at Google | Google Cloud Blog https://cloud.google.com/blog/products/containers-kubernetes/the-rise-and-future-of-kubernetes-and-open-source-at-google 0 comments
- GitHub - step-security/attack-simulator: Simulate past supply chain attacks such as SolarWinds, Codecov, and ua-parser-js https://github.com/step-security/supply-chain-goat 0 comments
- tag-security/supply-chain-security/compromises at main · cncf/tag-security · GitHub https://github.com/cncf/tag-security/tree/main/supply-chain-security/compromises 0 comments
- Attackers have better things to do than corrupt your builds | Kelly Shortridge https://kellyshortridge.com/blog/posts/attackers-have-better-things-to-do-than-corrupt-your-builds/ 0 comments
Related searches:
Search whole site: site:about.codecov.io
Search title: Bash Uploader Security Update - Codecov
See how to search.