Codecov Supply Chain Hack Worse Than Initially Estimated

Tag Barnakle malware operation breached more than 120 ad servers, Chinese hacking group reportedly breached more than 200 Japanese organizations, Geico breach exposed drivers licenses, more

If you like Metacurity, please ask your organization about a bulk subscription with savings of up to 50%! Contact info@metacurity.com or click below. Thank you.

Hackers who infiltrated the software development tool from code auditing company Codecov used the program to gain restricted access to hundreds of networks belonging to the San Francisco firm’s customers, investigators say. The hackers used stored credentials for various internal software accounts, making the extra effort to gain access to other makers of software development programs, including industry giant IBM.

Dozens of likely victims were notified yesterday of what might be shaping up to be a supply chain hack on the scale of SolarWinds’ breach. (Joseph Menn, Raphael Satter / Reuters)

Related: Sonatype Blog, iTnews - Security, MSSP Alert, The Register - Security, DataBreachToday.com, CyberNews

Researchers at Confiant report that a malvertising operation dubbed Tag Barnakle has breached more than 120 ad servers over the past …