Codecov Bash Uploader Compromise: A Retrospective
A single altered line in Codecov's Bash Uploader leaked CI secrets for 69 days across thousands of repos. Here is what actually happened and why.
Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
The SolarWinds SunBurst campaign rewrote the supply chain threat model. Five years of research reveal what changed and what defenders still miss.
Five years after CVE-2014-6271, Shellshock remains the clearest case study in how one interpreter bug becomes thousands of downstream holes.
Five years after CVE-2014-0160, Heartbleed still shapes how we think about shared cryptographic libraries, disclosure ethics, and open-source funding.
Operation ShadowHammer pushed a signed backdoor to roughly half a million ASUS laptops, targeting a list of 600 specific MAC addresses.
XcodeGhost in 2015 infected at least 128 million iOS users through a malicious Xcode download. It is still the cleanest compiler-trust case.
The CCleaner backdoor of 2017 was among the first modern build-system compromises to achieve mass distribution through a trusted installer.
The 2017 Equifax breach is a case study in Apache Struts, inherited dependencies, and a vulnerability management process that mistook lists for action.
The forensic detail of how M.E.Doc's update server became the delivery mechanism for NotPetya, and what it means for small-vendor risk.