An independent hacker has publicly revealed a second breach of NASA's systems, exposing critical security vulnerabilities.
The hacker, who shared the disclosure on social media platform X, stated that they had notified NASA directly about the issues, giving the space agency time to address the gaps.
The hacker, known by the handle "@7h3h4ckv157", posted: “I hacked @NASA (again) and reported some vulnerabilities to them. Just today, I received this appreciation letter from them after they patched the loopholes!”
NASA acknowledged the hacker’s findings and issued an official appreciation letter, signed by Mark Witt, from NASA's Office of the Chief Information Officer.
The letter commended the hacker’s role in identifying and responsibly reporting the security vulnerabilities, praising the hacker's adherence to NASA's Vulnerability Disclosure Policy (VDP).
NASA expressed gratitude, noting the hacker’s contributions in helping protect the "integrity and availability" of its information systems. Mark Witt wrote, “We would like to recognize your efforts as an independent security researcher, both in identifying the vulnerability you submitted and for following NASA's VDP policy and guidelines.”
Social media users reacted to the news with support for the hacker. Many praised the hacker for choosing to report the vulnerabilities rather than exploit them, while some joked about the lack of a tangible reward from NASA.
COMMENTS
Comments are moderated and generally will be posted if they are on-topic and not abusive.
For more information, please see our Comments FAQ