Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident

DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month.
The CI/CD service CircleCI said the "sophisticated attack" took place on December 16, 2022, and that the malware went undetected by its antivirus

antivirus attack authentication breach circleci compromised credentials data december devops employee engineer factor incident laptop malware malware attack platform security security incident service steal systems the company threat threat actors undetected