Read the original article: Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack
Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world.
Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack