Categories
Open Source

Supply chain attack targets internal apps at tech giants

Alex Birsan, an ethical hacker discovered a security vulnerability belonging to several companies, including Tesla, Apple, Netflix, and Microsoft by exploiting open-source repositories that allowed him to run code on their internal systems. The supply chain attack involved uploading malware to open-source repositories including npm, PyPI, and RubyGems that got distributed downstream. The supply chain […]

Categories
cybersecurity

Huge Wave Of Vishing attacks Targeting Teleworkers According to FBI

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory that cybercriminals started a vishing campaign specifically targeting employees working from home for US companies in July of 2020. The attackers have been collecting login credentials for corporate networks and then selling the access to corporate resources to other […]