Security News > 2021 > May > Codecov hackers gained access to Monday.com source code
As reported by BleepingComputer last month, popular code coverage tool Codecov had been a victim of a supply-chain attack that lasted for two months.
During this two-month period, threat actors had modified the legitimate Codecov Bash Uploader tool to exfiltrate environment variables from Codecov customers' CI/CD environments.
Monday.com source code accessed in Codecov attack.
Codecov customer Monday.com has recently announced that it was impacted by the Codecov supply-chain attack.
After their investigation into the Codecov breach, Monday.com found that unauthorized actors had gained access to a read-only copy of their source code.
As reported by BleepingComputer this week, US cybersecurity firm Rapid7 disclosed that some of their source code repositories and credentials were accessed by Codecov attackers.