Saturday, Jul 11, 2026
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Sport
  • Science and Tech
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • My Space
    • Education Today
    • Reviews
    • Property
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • My Space
  • Reviews
  • Education Today
  • Property
  • Lifestyle
Home | Science & Tech | Researcher Enters Servers Of 35 Tech Companies Runs Code

Researcher enters servers of 35 tech companies, runs code

According to Bleeping Computer, security researcher Alex Birsan found a security vulnerability that allowed him to run code on those servers in what is touted as a novel software supply chain attack.

By IANS
Published Date - 11 February 2021, 01:59 PM
Researcher enters servers of 35 tech companies, runs code
whatsapp facebook twitter telegram

New Delhi: A cyber security researcher has utilised a security vulnerability to run code on servers owned by over 35 major tech companies, including Apple, Microsoft, Netflix, Tesla, Uber, Shopify, Yelp and PayPal, the media reported.

According to Bleeping Computer, security researcher Alex Birsan found a security vulnerability that allowed him to run code on those servers in what is touted as a novel software supply chain attack.


Birsan has earned over $130,000 in rewards through bug bounty programmes and pre-approved penetration testing arrangements with these companies.

“I feel that it is important to make it clear that every single organisation targeted during this research has provided permission to have its security tested, either through public bug bounty programs or through private agreements. Please do not attempt this kind of test without authorisation,” Birsan was quoted as saying in the report.

Microsoft awarded him their highest bug bounty amount of $40,000 and released a white paper on this security issue.

The tech giant identified the issue as CVE-2021-24105 for their Azure Artifactory product.

The novel software supply chain attack comprised uploading malware to open source repositories, “which then got distributed downstream automatically into the company’s internal applications”.

The supply chain attack was more sophisticated as it needed no action by the victim, who automatically received the malicious packages.

Apple told Bleeping Computer that Birsan will get a reward via its Security Bounty programme for responsibly disclosing this issue.

PayPal has publicly disclosed Birsan’s HackerOne report mentioning the $30,000 bounty amount.

The possibility remains for such attacks to resurface and grow, especially on open-source platforms with no easy solution for dependency confusion, according to the researcher.

“I believe that finding new and clever ways to leak internal package names will expose even more vulnerable systems, and looking into alternate programming languages and repositories to target will reveal some additional attack surface for dependency confusion bugs,” the researcher said in his blog post.

  • Follow Us :
  • Tags
  • Apple
  • cyber security researcher
  • Microsoft
  • Netflix

Related News

  • Apple sues OpenAI over alleged trade secret theft

    Apple sues OpenAI over alleged trade secret theft

  • India emerges as major global hub for AI data centre investments

    India emerges as major global hub for AI data centre investments

  • BCom Honours vs. Regular BCom: What’s the Difference and Which One to Choose?

    BCom Honours vs. Regular BCom: What’s the Difference and Which One to Choose?

  • Uber launches ‘Record My Ride’ and Ambulance Assistance features

    Uber launches ‘Record My Ride’ and Ambulance Assistance features

Latest News

  • Dhanush unveils title of new Vetrimaaran film ‘Thamizh Murugan’

    10 seconds ago
  • Ashwini Vaishnaw urges IT industry to tap semiconductor opportunity

    9 mins ago
  • SC pulls up Maharashtra for opposing bail without speeding up trials

    9 mins ago
  • FIFA 2026: Argentina vs Switzerland Preview, squads and live streaming details

    11 mins ago
  • Tension escalates in Shabad after six murders, protesters confront MLA Kale Yadaiah

    13 mins ago
  • Gold prices fall 1.47 per cent as Fed minutes weigh on sentiment

    16 mins ago
  • Godavari pipeline leak disrupts water supply across several Hyderabad localities

    18 mins ago
  • Ram temple management to be strengthened after donation theft: Mishra

    21 mins ago

company

  • Home
  • About Us
  • Contact Us
  • Privacy Policy

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

  • Telangana Today Telangana Today
Telangana Today Telangana Today

© Copyrights 2024 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam