Codecov Attackers Gained Access to Source Code

has recently disclosed the impact of the Codecov supply-chain attack that affected multiple companies. is an online workflow management platform used by project managers, sales and CRM professionals, marketing teams, and various other organizational departments. The platform’s clients include prominent businesses like Uber, BBC Studios, Adobe, Universal, Hulu, L’Oreal, Coca-Cola, and Unilever.

It was reported last month that the code coverage tool Codecov has been a victim of a supply-chain attack that lasted for approximately two months. During that period, the attackers modified the legitimate Codecov Bash Uploader tool to steal environment variables (containing sensitive information such as keys, tokens, and credentials) from Codecov customers’ CI/CD environments. Using the stolen credentials, the Codecov attackers reportedly breached hundreds of customer networks.

Codecov customer has recently announced that it was impacted by the Codecov supply-chain attack. After their investigation into the Codecov breach, found that unauthorized actors had gained access to a read-only copy of their source code.

Analyst Notes

Codecov users should scan their CI/CD environments and networks for any signs of compromise and, as a safeguard, rotate all secrets that may have been exposed. It is also advisable to change user credentials that are associated with Codecov to try to stop malicious use of the stolen credentials.
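
One way to scope the rotation recommended above, as an added example (not from the original article or from Codecov): it flags CI configuration files that fetch and run the Bash Uploader and lists every secret named in those files as a rotation candidate. The `codecov.io/bash` URL pattern, the GitHub Actions-style `secrets.NAME` syntax, the name-suffix heuristic, and the sample configs are assumptions constructed for illustration.

```python
import re

# Assumption: the Bash Uploader is fetched from a codecov.io/bash URL,
# e.g. `bash <(curl -s https://codecov.io/bash)`.
UPLOADER_RE = re.compile(r"codecov\.io/bash\b")
# GitHub Actions-style secret reference: ${{ secrets.NAME }}
SECRET_REF_RE = re.compile(r"\$\{\{\s*secrets\.([A-Za-z_][A-Za-z0-9_]*)\s*\}\}")
# Heuristic: variable names that end in a credential-like suffix.
ENV_NAME_RE = re.compile(
    r"\b([A-Z][A-Z0-9_]*(?:TOKEN|KEY|SECRET|PASSWORD|CREDENTIALS?))\b")

# Constructed sample CI configs (not taken from any real repository).
SAMPLE_CONFIGS = {
    ".github/workflows/test.yml": """\
jobs:
  test:
    env:
      DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }}
      NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
    steps:
      - run: make test
      - run: bash <(curl -s https://codecov.io/bash)
""",
    ".github/workflows/lint.yml": """\
jobs:
  lint:
    env:
      SLACK_TOKEN: ${{ secrets.SLACK_TOKEN }}
    steps:
      - run: make lint
""",
}

def audit_ci_config(name, text):
    """Return a finding if the config runs the Bash Uploader, else None."""
    hits = [(n, line.strip()) for n, line in enumerate(text.splitlines(), 1)
            if UPLOADER_RE.search(line) and not line.lstrip().startswith("#")]
    if not hits:
        return None
    # Conservative: treat every secret named anywhere in the file as exposed,
    # because the modified uploader collected environment variables.
    names = set(SECRET_REF_RE.findall(text)) | set(ENV_NAME_RE.findall(text))
    return {"file": name, "uploader_lines": hits, "rotate": sorted(names)}

def audit_all(configs):
    """Audit a {path: text} mapping and return findings for affected files."""
    return [f for f in (audit_ci_config(n, t) for n, t in configs.items()) if f]

if __name__ == "__main__":
    for finding in audit_all(SAMPLE_CONFIGS):
        print(finding["file"], "-> rotate:", ", ".join(finding["rotate"]))
```

The name-based list is a starting point only: secrets injected by the CI platform's settings rather than named in the config file will not appear and need to be inventoried separately.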