Home / Security updates / Qilin Incident Update
Qilin Incident Update
Security updates detail rendered from /security-updates/upd_cc55834bbb3d91bf.
Overview
| ID | upd_cc55834bbb3d91bf |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Semgrep |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_cc55834bbb3d91bf |
| providerId | safebase |
| organizationId | org_941294b79d9cb01b |
| trustCenterId | tc_352422839237383f |
| title | Qilin Incident Update |
| message | We wanted to share an update on the security investigation. As part of our regular updates we want to reiterate that the access associated with the May 12 incident has been fully removed. There is no indication that any customer findings or source code were accessed by the threat actor. There is no indication that the integrity of Semgrep's source code or releases was compromised. Our investigation efforts remain on-going, with a focus ensuring no data exposed via the sandbox can undermine additional systems. Semgrep is aware of a release of Semgrep data by Qilin, a known threat actor. The data consists of Semgrep scan results of Semgrep source code. It's our understanding that the threat actor obtained the data via a Semgrep API token used to access a Semgrep sandbox environment. The sandbox environment is used by Semgrep for internal testing and held assessments of our first-party code and open source repositories. While we consider the compromise of any operational security to |
| url | - |
| publishedAt | 2026-06-05 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "incidents"
} |
| company | {
"id": "org_941294b79d9cb01b",
"name": "Semgrep",
"domains": [
"trust.semgrep.dev",
"semgrep.com"
]
} |
| trust_center | {
"id": "tc_352422839237383f",
"name": "Semgrep",
"url": "https://trust.semgrep.dev",
"host": "trust.semgrep.dev"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_cc55834bbb3d91bf",
"company": "/v1/companies/org_941294b79d9cb01b",
"trust_center": "/v1/trust-centers/tc_352422839237383f",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_cc55834bbb3d91bfJSON