Security News > 2021 > May > Rapid7 source code, credentials accessed in Codecov supply-chain attack

US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool.

Only internal credentials and tooling source code accessed.

The cybersecurity firm added that the Codecov tools compromised in last month's supply-chain attack were not used to work with production code.

A few days later, federal investigators reportedly discovered that the threat actors behind the Codecov hack automated the process of testing the stolen credentials, managing to breach the networks of hundreds of Codecov clients.

Two weeks after disclosing the breach discovered on April 1st, Codecov began notifying customers affected by the supply-chain attack, informing them that the unknown attackers might have downloaded their source code repositories.

As first reported by BleepingComputer, Codecov customer and open-source software maker HashiCorp disclosed that the code-signing GPG private key used for signing and verifying software releases was exposed in the attack.

News URL

https://www.bleepingcomputer.com/news/security/rapid7-source-code-credentials-accessed-in-codecov-supply-chain-attack/