While investigating a misconfiguration flaw in Apache Airflow, researchers discovered many exposed instances over the web leaking sensitive information, including credentials, from well-known tech companies.
This week, researchers Nicole Fishbein and Ryan Robinson from security firm Intezer have disclosed details on how they identified misconfiguration errors across Apache Airflow servers run by major tech companies.
The misconfiguration flaws resulted in sensitive data leakage including thousands of credentials from popular platforms and services such as Slack, PayPal, and Amazon Web Services (AWS), among others.
