all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The supply chain in disarray. [Research Saturday]

Add to bookmarks
March 30, 2024, 5 a.m. | N2K Networks

CyberWire Daily thecyberwire.com

Elad, a Senior Security Researcher from Cycode is sharing their research on "Cycode Discovers a Supply Chain Vulnerability in Bazel." This security flaw could let hackers inject harmful code, potentially affecting millions of projects and users, including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia, Google, and many more.
The research states "We reported the vulnerability to Google via its Vulnerability Reward Program, where they acknowledged our discovery and proceeded to address and fix the vulnerable components."
Please take a moment …

angular code cycode databricks dropbox flaw google hackers inject kubernetes linkedin millions nvidia projects research researcher security security flaw security researcher sharing states supply supply chain supply chain vulnerability uber vulnerability

Visit resource

More from thecyberwire.com / CyberWire Daily

Retirement plan breach shakes financial giant. 14 hours ago | thecyberwire.com
biden breach called cornell +24
Ransomware is just a prescription for chaos. 1 day, 14 hours ago | thecyberwire.com
addresses benefits breach carriers +27
An unprecedented surge in credential stuffing. 2 days, 14 hours ago | thecyberwire.com
as-a-service bank botnet ceo +33
Encore: Jack Rhysider: Get your experience points in everything. [Media] [Career Notes] 4 days, 3 hours ago | thecyberwire.com
career computer darknet darknet diaries +19
Cerber ransomware strikes Linux. [Research Saturday] 5 days, 3 hours ago | thecyberwire.com
application cado security cerber cerber ransomware +16
Kaiser Permanente's privacy predicament. 5 days, 14 hours ago | thecyberwire.com
breaches cisa cobalt cobalt strike +35
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] 6 days, 5 hours ago | thecyberwire.com
center changing conversation cyber +17
Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3) [Special Edition] 6 days, 5 hours ago | thecyberwire.com
center changing conversation cyber +17
The shadowy adversary in Cisco's crosshairs. 6 days, 14 hours ago | thecyberwire.com
adaptive security adversary amazon amazon ring +35

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs