- Nadav Noy
Showing all posts by Nadav Noy
The Risks of Being Blind to AI in Your Own Organization
Uncover the security concerns in the era of AI and LLMs, delving into code opacity and application embedding risks.
Remote Code Execution Vulnerability in Azure Pipelines Can Lead To Software Supply Chain Attack
Our team has found a vulnerability in Azure Pipelines (CVE-2023-21553) that allows an attacker to execute malicious code in a pipeline.
Toyota Customer Data Leaked Due To Software Supply Chain Attack
On Oct 7th, Toyota announced a possible data leakage incident. The compromised data contained 296,019 customers' private information, including customers' personal email addresses.
Software Supply Chain Attack Leads to Trojanized Comm100 Installer
On the 29th of September, it was revealed that the installer for the widely used Comm100 Live Chat application included malicious trojan malware. The installer was compromised using a supply chain attack on the Comm100 development pipeline.