HashiCorp reveals exposure of private code-signing key after Codecov compromise

26 April 2021

HashiCorp, an open-source company whose Terraform product is widely used for automated cloud deployments, has revealed a private code-signing key was exposed thanks to the compromised Codecov script discovered earlier this month. Codecov, which provides tools to assess how much of an application’s code is subject to unit tests, reported that a script used to upload data to its servers was modified to export credentials to an attacker’s server.

Read full article on The Register

Date:

26 April 2021

Categorie(s):

NEWS

Tag(s):

HashiCorp, IT, News, Open Source, Open Source Software

Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits18 April 2024
6 Best Free and Open-Source Web Application Firewalls18 April 2024
Ransomware feared as IT ‘issues’ force Octapharma Plasma to close 150+ centers18 April 2024
Europol-led task force shuts down LabHost phishing platform, arrests suspected hackers18 April 2024
Crooks exploit OpenMetadata holes to mine crypto – and leave a sob story for victims18 April 2024