CircleCI, a software development service, confirms a data breach incident in which information-stealer malware was deployed on a developer’s laptop.
CircleCI revealed that it was first alerted to suspicious activity on December 29, 2023, and started rotating all GitHub OAuth tokens on customers’ behalf on December 31. According to the sources, the malware was able to carry out session cookie theft, enabling the attackers to impersonate the targeted employee from a remote location and escalate access to a subset of the production systems.
Datadog, one of the impacted customers of CircleCI, announced that it had identified that an old RPM GNU Privacy Guard (GPG) private key, along with its passphrase, had been compromised.