cybersecurity Open Source

Airline Supply-Chain Attacks on The Rise

SITA, a communications and IT vendor for 90% of the world’s airlines, has been breached. Passenger data stored on the company’s U.S. servers has been compromised.  Malaysia Airlines sent out an email to their frequent flyer members informing them that there’s “no evidence” their personal data has been misused but that is highly unlikely. It […]

Open Source

Supply chain attack targets internal apps at tech giants

Alex Birsan, an ethical hacker discovered a security vulnerability belonging to several companies, including Tesla, Apple, Netflix, and Microsoft by exploiting open-source repositories that allowed him to run code on their internal systems. The supply chain attack involved uploading malware to open-source repositories including npm, PyPI, and RubyGems that got distributed downstream. The supply chain […]