| [eclipse.org-committers] Security Alert: CircleCI has been breached |
| Dear committers, Yesterday, CircleCI published a security report that has caused concern. The report can be found at https://circleci.com/blog/january-4-2023-security-alert. Our team is currently working with projects that utilize CircleCI to rotate their secrets. If you are using CircleCI for your project and have not yet been contacted, you can expect to be contacted by the end of the day. If you have not received contact by tomorrow, you may want to consider opening a confidential helpdesk ticket for further assistance. Even if you are not directly using CircleCI for your project, it is important to be aware that some of your dependencies may be using it. It is important to be vigilant when it comes to new releases of third-party dependencies and to stay informed about the potential consequences of this security incident, as it could have far-reaching effects. Thanks! Mikaël Barbero Head of Security | Eclipse Foundation 🐦 @mikbarbero Eclipse Foundation: The Platform for Open Innovation and Collaboration |
Attachment:
signature.asc
Description: Message signed with OpenPGP