·CRITICAL9.2·confirmed
Codecov Bash Uploader Compromise (2021)
Threat actors modified Codecov's Bash Uploader to exfiltrate environment variables containing tokens, credentials, and keys from CI/CD pipelines across roughly 29,000 affected organizations.
벡터 / CI/CD compromise플랫폼 / Codecov, GitHub, GitLab, +1분량 / 4분
