Researcher breaches 35 tech firms in a novel supply chain attack
https://www.bleepingcomputer.com/news/security/copycats-imitate-novel-supply-chain-attack-that-hit-tech-giants/
This week, over 150 new packages have been published to the npm open-source repository named after private components being internally used by major companies.
These npm packages are identical to the proof-of-concept packages created by Alex Birsan, the researcher who had recently managed to infiltrate over major 35 tech firms and walk away with over six-figures in bug bounty rewards.
Researcher breaches 35 tech firms in a novel supply chain attack
Feb 12, 2021, 10:46pm UTC
https://www.bleepingcomputer.com/news/security/copycats-imitate-novel-supply-chain-attack-that-hit-tech-giants/
> This week, over 150 new packages have been published to the npm open-source repository named after private components being internally used by major companies.
> These npm packages are identical to the proof-of-concept packages created by Alex Birsan, the researcher who had recently managed to infiltrate over major 35 tech firms and walk away with over six-figures in bug bounty rewards.