Difference between revisions of "Codecov"
Jump to navigation
Jump to search
↑ "HashiCorp revoked private key exposed in Codecov security breach". VentureBeat. 2021-04-27. Retrieved 2021-08-03.<templatestyles src="Module:Citation/CS1/styles.css"></templatestyles>
| Line 5: | Line 5: | ||
== Security issue == | == Security issue == | ||
Around April 2021, a [[supply chain attack]] using code auditing tool codecov allowed hackers limited access to [[HashiCorp]]'s customers networks.<ref>{{Cite web|date=2021-04-27|title=HashiCorp revoked private key exposed in Codecov security breach|url=https://venturebeat.com/2021/04/26/hashicorp-revoked-private-key-exposed-in-codecov-security-breach/|access-date=2021-08-03|website=VentureBeat|language=en-US}}</ref> As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key. | Around April 2021, a [[supply chain attack]] using code auditing tool codecov allowed hackers limited access to [[HashiCorp]]'s customers networks.<ref>{{Cite web|date=2021-04-27|title=HashiCorp revoked private key exposed in Codecov security breach|url=https://venturebeat.com/2021/04/26/hashicorp-revoked-private-key-exposed-in-codecov-security-breach/|access-date=2021-08-03|website=VentureBeat|language=en-US}}</ref> As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key. | ||
| − | |||
== Related == | == Related == | ||
Revision as of 18:55, 26 July 2023
Security issue
Around April 2021, a supply chain attack using code auditing tool codecov allowed hackers limited access to HashiCorp's customers networks.[1] As a result private credentials were leaked. HashiCorp revoked a private signing key and asked its customers to use a new rotated key.
Related
See also
- SLSA,
slsa-verifier - Sentry,
sentry-cli, Sentry self hosted, Sentry Connect Services, Kubernetes,sentry backup, Codecov
Advertising:
