{"id":40615,"date":"2021-04-26T19:35:08","date_gmt":"2021-04-26T19:35:08","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/"},"modified":"2021-04-26T19:35:08","modified_gmt":"2021-04-26T19:35:08","slug":"hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/","title":{"rendered":"HashiCorp reveals exposure of private code-signing key after Codecov compromise"},"content":{"rendered":"<p>HashiCorp, an open-source company whose Terraform product is widely used for automated cloud deployments, has revealed a private code-signing key was exposed thanks to the compromised Codecov script discovered earlier this month.<\/p>\n<p>Codecov, which provides tools to assess how much of an application&#8217;s code is subject to unit tests, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/04\/19\/codecov_warns_of_stolen_credentials\/\" rel=\"noopener noreferrer\">reported<\/a> that a script used to upload data to its servers was modified to export credentials to an attacker&#8217;s server. The company said it had &#8220;not been able to determine conclusively who carried out the event.&#8221;<\/p>\n<p>HashiCorp, one of Codecov&#8217;s 29,000 customers, has <a target=\"_blank\" href=\"https:\/\/discuss.hashicorp.com\/t\/hcsec-2021-12-codecov-security-event-and-hashicorp-gpg-key-exposure\/23512\" rel=\"noopener noreferrer\">confirmed<\/a> it was among those hit. Specifically, it said &#8220;a subset of HashiCorp&#8217;s CI pipelines used the affected Codecov component&#8221; and &#8220;the GPG private key used for signing hashes used to validate HashiCorp product downloads&#8230; was exposed.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",banner_plus,fluid,mpu\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The exposure means that potentially the attacker could have modified HashiCorp products while signing them with a genuine key, but the company said the &#8220;investigation has not revealed evidence of unauthorized usage.&#8221; It has validated existing releases, revoked the exposed key, and re-signed its downloads with a new key.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2020\/11\/12\/shutterstock_encryption_backdoor.jpg?x=174&amp;amp;y=115&amp;amp;crop=1\" width=\"174\" height=\"115\" alt=\"Encryption backdoor\"><\/p>\n<h2 title=\"Environment variables full of secrets uploaded to attacker server\">Codecov dev tool warns of stolen credentials from compromised script, undiscovered for two months<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2021\/04\/19\/codecov_warns_of_stolen_credentials\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>While that is somewhat reassuring, the Codecov incident and this follow-up report have disturbing implications. The compromise of the Codecov script was in place for a long period, beginning January 31, and there were a number of altered versions. Codecov has given details of the last tampered version but said &#8220;there were periodic, unauthorized alterations of our Bash Uploader script by a third party&#8221; so there is uncertainty about the attacks used in older versions.<\/p>\n<h3 class=\"crosshead\"> <span>Continuous <span class=\"strike\">Integration<\/span> uncertainty<\/span><br \/>\n<\/h3>\n<p>A second concern is that the attacker may have used harvested credentials for further incursions of which we currently know nothing. The credentials that were stolen were those that were stored in environmental variables on machines or containers used as part of a CI (Continuous Integration) process, which might include API keys, database logins, or (as in the HashiCorp example) cryptographic certificates. The whole point of stealing credentials is to enable further attacks.<\/p>\n<p>Third, the reach of HashiCorp tools into enterprise computing is huge, bigger than that of Codecov. Earlier this month the company <a target=\"_blank\" href=\"https:\/\/www.globenewswire.com\/news-release\/2021\/04\/07\/2206128\/0\/en\/HashiCorp-Releases-Identity-based-Security-as-a-Service-on-the-HashiCorp-Cloud-Platform.html\" rel=\"noopener noreferrer\">said<\/a>, in the context of a new release of its Vault secrets management product, that &#8220;nearly 25 per cent of the Fortune 500 and 70 per cent of the 20 largest US banks rely on Vault to secure their most sensitive data.&#8221;<\/p>\n<p>While there is no suggestion in HashiCorp&#8217;s report that its products have been compromised, the fact that it was running a credential-stealing script as part of the build process for some of its products is still a cause for concern.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu_plusplus,\" data-sm=\",mpu_plusplus,\" data-md=\",mpu_plusplus,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The company&#8217;s statement is itself inconclusive. HashiCorp said it &#8220;has performed additional remediations related to information potentially exposed during this incident. Incident response activities are ongoing, and relevant updates and outcomes will be shared promptly when available,&#8221; which leaves customers to guess at the nature of these further leaks.<\/p>\n<p>HashiCorp is both savvy enough to have detected that it had a problem, and responsible enough to disclose this to its customers. How many other examples are there, small and large, how many discovered, and how many disclosed?<\/p>\n<p>A <i>Reg<\/i> staff member received an email from their letting agency saying that &#8220;Codecov informed us on April 15 that the breach could have given access to all personal data of our users from March 9 onwards.&#8221; There was no evidence of unusual activity, the agency said, but added that it &#8220;would still like to advise you to create a new password in order to further protect your account.&#8221;<\/p>\n<p>What this suggests is that the list of those potentially affected by the Codecov breach is long, and we are unlikely to know the full implications for a while yet.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",dbutton,mpu_plus,dmpu,\" data-sm=\",dbutton,mpu_plus,dmpu,\" data-md=\",dbutton,mpu_plus,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>It is reminiscent of another supply chain attack on <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/04\/15\/solarwinds_hack_russia_apt29_positive_technologies_sanctions\/\" rel=\"noopener noreferrer\">SolarWinds<\/a>, where we know the attack was long-term and extensive, but the full implications may not be known for years.<\/p>\n<p>What should HashiCorp customers do? &#8220;Ensure that they download HashiCorp products only from the official release channel,&#8221; the company said in its statement, which, while true, is not especially illuminating. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/04\/26\/hashicorp_reveals_exposure_of_private\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Among the first of many? Software tools biz reports internal use of credential-stealing script HashiCorp, an open-source company whose Terraform product is widely used for automated cloud deployments, has revealed a private code-signing key was exposed thanks to the compromised Codecov script discovered earlier this month.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-40615","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-26T19:35:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"HashiCorp reveals exposure of private code-signing key after Codecov compromise\",\"datePublished\":\"2021-04-26T19:35:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\"},\"wordCount\":704,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\",\"name\":\"HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-04-26T19:35:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage\",\"url\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"HashiCorp reveals exposure of private code-signing key after Codecov compromise\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/","og_locale":"en_US","og_type":"article","og_title":"HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-04-26T19:35:08+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"HashiCorp reveals exposure of private code-signing key after Codecov compromise","datePublished":"2021-04-26T19:35:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/"},"wordCount":704,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/","url":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/","name":"HashiCorp reveals exposure of private code-signing key after Codecov compromise 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-04-26T19:35:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YIeyD-ZEWfyfTZjVCCPjjgAAAAA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hashicorp-reveals-exposure-of-private-code-signing-key-after-codecov-compromise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"HashiCorp reveals exposure of private code-signing key after Codecov compromise"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40615"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40615\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}