// attack vector
CI/CD compromise
All indexed incidents whose primary attack vector is classified as CI/CD compromise. Sorted by disclosure date.
2 incidents indexed
- ·CRITICAL8.6·confirmed
CircleCI Session Token Breach (2023)
Malware on a CircleCI engineer's laptop stole a 2FA-backed session token, giving the attacker production access to customer environment variables and any secrets stored in CircleCI.
vector / CI/CD compromiseplatforms / CircleCI, GitHub, AWSread / 3 min - ·CRITICAL9.2·confirmed
Codecov Bash Uploader Compromise (2021)
Threat actors modified Codecov's Bash Uploader to exfiltrate environment variables containing tokens, credentials, and keys from CI/CD pipelines across roughly 29,000 affected organizations.
vector / CI/CD compromiseplatforms / Codecov, GitHub, GitLab, +1read / 4 min