Open Source

Supply chain attack targets internal apps at tech giants

Alex Birsan, an ethical hacker discovered a security vulnerability belonging to several companies, including Tesla, Apple, Netflix, and Microsoft by exploiting open-source repositories that allowed him to run code on their internal systems. The supply chain attack involved uploading malware to open-source repositories including npm, PyPI, and RubyGems that got distributed downstream. The supply chain […]