ZDNet

Codecov to retire the Bash script responsible for supply chain attack wave

Codecov has introduced a new uploader that relies on NodeJS to replace and remove a Bash script responsible for a recent supply chain attack. The San Francisco-based DevOps tool provider said in a ...
Bleeping Computer

Codecov ditches Bash Uploader for a NodeJS executable

Software testing and code coverage company, Codecov has now introduced a cross-platform uploader meant to replace its former Bash Uploader. This new uploader is available as a static binary executable ...
IT News For Australia Business

Hacked Codecov uploading script leaked creds for two months

A malicious alteration to a shell script lay undetected since January this year at software testing coverage report provider Codecov, sparking fears of another significant supply chain attack.
Bleeping Computer

Codecov starts notifying customers affected by supply-chain attack

As of a few hours ago, Codecov has started notifying the maintainers of software repositories affected by the recent supply-chain attack. These notifications, delivered via both email and the Codecov ...
Gizmodo

U.S. Federal Investigators Are Reportedly Looking Into Codecov Security Breach, Undetected for Months

U.S. federal investigators are purportedly looking into a security breach at Codecov, a platform used to test software code with more 29,000 customers worldwide, Reuters reported on Saturday. The ...
HHS

Attack on Codecov Affects Customers

Codecov, a company that tests software code prior to release, has notified customers that attackers had access to its network for a month and placed malware in one of its systems, which may have led ...