Google supply chain bug patched in code-testing tool Bazel

3 February 2024

A critical supply chain bug in a Google’s open-source software development tool called Bazel opened the door to hackers to insert malicious code. The command injection vulnerability, according to researchers, impacted the security of millions of Bazel-dependent projects including Kubernetes, Angular, Uber, LinkedIn, Databricks, DropBox, Nvidia and Google.

Source: SC Magazine

Date:

3 February 2024

Categorie(s):

NEWS

Tag(s):

Bazel, Google, IT, Malware, News

Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale6 November 2024
Canada arrests suspected hacker over breach of 160+ Snowflake users’ data6 November 2024
Cyberthreats linked to foreign actors aim to hinder Election Day proceedings5 November 2024
DocuSign’s API used to lure victims into e-signing fake invoices5 November 2024
Schneider Electric ransomware crew demands $125k paid in baguettes5 November 2024