Recently, we learned of a breach of CircleCI. They strongly suggest that all their customers:
- Immediately rotate any and all secrets stored in CircleCI.
- Review internal logs for their systems for unauthorized access from December 21, 2022, through January 4, 2023, or the date you rotated the secrets in CircleCI.
The CircleCI team also invalidated all Project API tokens and informed users that they would need to be replaced.
This article has been indexed from DZone Security Zone
Read the original article: