Alex Birsan, a security researcher, found an easy way to hack ten US companies, including Apple, Microsoft, Tesla, Uber and others. And all of them were very lucky that Birsan noticed the vulnerability before the attackers.
The method Birsan used did not require remote access to the company’s computers or special social engineering skills. He uploaded malicious files to the repositories for open source projects, which were automatically uploaded to the company’s servers and replaced the original files without any verification.
The companies’ servers are configured to implement open source projects automatically, so no response is needed. We can say that everything happens automatically.
Since Birsan is a “white” hacker, he uploaded harmless files to the servers and published the research only after it was fixed. Birsan received about 130 thousand dollars in the form of an award. Apple also confirmed that it would contact the hacker and reward him.