Security News > 2021 > May > Twilio discloses impact from Codecov supply-chain attack
Cloud communications company Twilio has now disclosed that it was impacted by the recent Codecov supply-chain attack in a small capacity.
Today, cloud communications and VoIP platform Twilio has announced that it was impacted by the Codecov supply-chain attack.
Shortly after Codecov had disclosed the security incident concerning its Bash Uploader last month, Twilio was notified that they were impacted too.
On April 22nd, GitHub had also notified Twilio after detecting suspicious activity related to Codecov exposure, and that specifically a Twilio user token had been exposed.
Further, the company has rotated all secrets that could have been possibly exposed in the repositories, as a result of the Codecov supply-chain attack.
Twilio is not the first or the only company to be impacted by the Codecov supply-chain attack.
News URL
Related news
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)