Codecov discloses 2.5-month-long supply chain attack
Catalin Cimpanu reports:
Codecov, a software company that provides code testing and code statistics solutions, disclosed on Thursday a major security breach after a threat actor managed to breach its platform and add a credentials harvester to one of its tools.
The impacted product is named Bash Uploader and allows Codecov customers to submit code coverage reports to the company’s platform for analysis.
Read more on The Record.