The supply chain in disarray. [Research Saturday]
Elad, a Senior Security Researcher from Cycode is sharing their research on "Cycode Discovers a Supply Chain Vulnerability in Bazel." This security flaw could let hackers inject harmful code, potentially affecting millions of projects and users, including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia, Google, and many more.
The research states "We reported the vulnerability to Google via its Vulnerability Reward Program, where they acknowledged our discovery and proceeded to address and fix the vulnerable components."
Please take a moment to fill out an audience survey! Let us know how we are doing!
The research can be found here:
Cycode Discovers a Supply Chain Vulnerability in Bazel
Learn more about your ad choices. Visit megaphone.fm/adchoices
The supply chain in disarray. [Research Saturday]