The Record -
The developers of the Jenkins server, one of the most widely used open-source automation systems, said they suffered a security breach after hackers gained access to one of their internal servers and deployed a cryptocurrency miner.
Despite the intrusion and malware deployment, the Jenkins team downplayed the severity of the breach in a statement published on Saturday.
Jenkins admins said the hacked server, which hosted the now-defunct Jenkins wiki portal (wiki.jenkins.io), had already been deprecated since October 2019 when the project moved its wiki and team collaboration systems from a self-hosted Atlassian Confluence server to the GitHub platform.
“At this time we have no reason to believe that any Jenkins releases, plugins, or source code have been affected,” the Jenkins team said over the weekend.
Following the discovery of the hack, Jenkins developers said they permanently took down the hacked Confluence server, rotated privileged credentials, and reset passwords for developer accounts.
Breach part of the
The post Jenkins project discloses security breach following Confluence server hack was first published at The Record.