Original release date: April 30, 2021
CISA is aware of a compromise of the Codecov software supply chain in which a malicious threat actor made unauthorized alterations of Codecov’s Bash Uploader script, beginning on January 31, 2021. Upon discovering the compromise on April 1, 2021, Codecov immediately remediated the affected script. On April 15, 2021, Codecov notified customers of the compromise and on April 29, 2021, Codecov released an update containing new detections—including indicators of compromise (IOCs) and a non-exhaustive data set of likely compromised environment variables—to assist organizations in determining whether they have been affected.
CISA urges all Codecov users to review the Codecov update and:
Affected users should immediately implement the guidance in the Recommended Actions for Affected Users and FAQ sections of Codecov’s update. CISA recommends giving special attention to Codecov’s guidance on changing (“re-rolling”) potentially affected credentials, tokens, and keys. CISA also recommends revoking and reissuing any potentially affected certificates.
This product is provided subject to this Notification and this Privacy & Use policy.
CISA released Microsegmentation in Zero Trust, Part One: Introduction and Planning as part of its…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
Update (07/24/2025): CISA continues to update reporting on this ongoing activity, as threat actor tactics,…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide…
CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide…
This website uses cookies.