ZDNet

Codecov to retire the Bash script responsible for supply chain attack wave

Codecov has introduced a new uploader that relies on NodeJS to replace and remove a Bash script responsible for a recent supply chain attack. The San Francisco-based DevOps tool provider said in a ...
Bleeping Computer

Codecov ditches Bash Uploader for a NodeJS executable

Software testing and code coverage company, Codecov has now introduced a cross-platform uploader meant to replace its former Bash Uploader. This new uploader is available as a static binary executable ...
Bleeping Computer

Codecov starts notifying customers affected by supply-chain attack

As of a few hours ago, Codecov has started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov ...
Gizmodo

U.S. Federal Investigators Are Reportedly Looking Into Codecov Security Breach, Undetected for Months

U.S. federal investigators are purportedly looking into a security breach at Codecov, a platform used to test software code with more 29,000 customers worldwide, Reuters reported on Saturday. The ...
ZDNet

Rapid7 source code, alert data accessed in Codecov supply chain attack

On Thursday, the cybersecurity firm said it was one of the victims of the incident, in which an attacker obtained access to the Codecov Bash uploader script. The cyberattack against Codecov took place ...