Researcher breaches over 35 companies’ internal systems (including Apple’s)

A researcher managed to breach the internal systems of over 35 major companies, including Apple, Microsoft, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, in a novel software supply chain attack, reports BleepingComputer.

The article says the attack consisted of uploading malware to open source repositories including PyPI, npm, and RubyGems, from which it was then distributed downstream automatically into the companies’ internal applications. Apple has told BleepingComputer that Birsan will get a reward via the Apple Security Bounty program for responsibly disclosing this issue.

Dennis Sellers
Dennis Sellers is the editor/publisher of Apple World Today. He’s been an “Apple journalist” since 1995 (starting with the first big Apple news site, MacCentral). He loves to read, run, play sports, and watch movies.