US investigators probing breach at code testing vendor

Software testing is a vital part of the development process. However, it’s also a potential risk in your supply chain…:

[…] Codecov said in a statement hackers began tampering with its software – which is used across the tech industry to help test code for mistakes and vulnerabilities – on January 31.

However, the intrusion was only detected earlier this month when an astute customer noticed there was something off about the tool, Codecov said.

Although the ramifications of the incident remain unclear, the breach drew comparisons to the recent compromise of Texas software firm SolarWinds by alleged Russian hackers, both because the breach could have follow-on effects at many of the organisations that use Codecov and because of the length of time that the doctored software remained in circulation.

[…]

Original article