{"id":1500,"date":"2021-02-18T16:18:25","date_gmt":"2021-02-18T21:18:25","guid":{"rendered":"https:\/\/www.pwvconsultants.com\/blog\/?p=1500"},"modified":"2021-02-18T16:18:28","modified_gmt":"2021-02-18T21:18:28","slug":"novel-attack-via-open-source-repositories","status":"publish","type":"post","link":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/","title":{"rendered":"Novel Attack Via Open-Source Repositories"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"h-an-ethical-hacker-managed-to-breach-over-35-companies-with-a-new-attack-businesses-must-ensure-internal-code-does-not-end-up-on-open-source-repositories\">An ethical hacker managed to breach over 35 companies with a new attack. Businesses must ensure internal code does not end up on open-source repositories.<\/h2>\n\n\n\n<p>In the world of software research and development, open-source repositories are an essential part of every project. Repositories are places devs and coders can go to find answers to a problem they can\u2019t solve, to collaborate with other coders and devs, to share ideas and problem solve together. Every software project is an invention, no two are alike, but code that has been written to solve a problem or complete a task can be reused in other R&amp;D projects. Using open-source repositories generally comes with a level of trust in what is shared, but, <a href=\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\" target=\"_blank\" rel=\"noreferrer noopener\">as we\u2019ve discussed in the past<\/a>, it\u2019s a place of easy access for threat actors to exploit.<\/p>\n\n\n\n<p>Recently, a white-hat hack was completed by Alex Birsan, an ethical hacker. Threatpost has a great article <a rel=\"noreferrer noopener\" href=\"https:\/\/threatpost.com\/supply-chain-hack-paypal-microsoft-apple\/163814\/\" target=\"_blank\">detailing the attack itself<\/a>, which has resulted in breaching over 35 companies to date. Big companies like Microsoft, Apple, Netflix and Uber are on that list. But what really got our attention was how the idea for the attack came to be.<\/p>\n\n\n\n<p>Last summer, Birsan was attempting to hack PayPal with another ethical hacker, Justin Gardner. Gardner shared \u201can interesting bit of Node.js source code found on GitHub\u201d with Birsan. This code was meant for internal PayPal use, but was found on GitHub, and had a combination of public and private dependencies in its package.json file. There were public packages from npm and non-public package names, likely hosted internally by PayPal, that were not on the public npm registry at the time.<\/p>\n\n\n\n<p>According to <a href=\"https:\/\/medium.com\/@alex.birsan\/dependency-confusion-4a5d60fec610\" target=\"_blank\" rel=\"noreferrer noopener\">Birsan\u2019s Medium post<\/a>, he wondered what would happen if malicious code was uploaded to npm under those names. Would some of PayPal\u2019s internal projects begin to default to the new public packages instead of the private ones? That\u2019s when he decided to upload his own Node packages to the npm registry under the unclaimed names. This code would notify him if it was installed on any of PayPal\u2019s servers.&nbsp;<\/p>\n\n\n\n<p>The short answer to that question is yes, which is concerning but also concerning is that PayPal had internal dependency information sitting around on an open-source platform. We\u2019ve already seen examples of open-source code containing malware on the npm registry and GitHub, which should have prompted every business to complete a full code review. Now businesses need to make sure that their internal code packages are not hanging out on open-source platforms for all the world to see.<\/p>\n\n\n\n<p>Most of the businesses Birsan breached have 1000+ employees, which means that they likely have quite a few devs and coders. In these cases, internal code dependencies really should be kept somewhere that only the people who need them have access to them. It\u2019s like setting up IAM controls for your devs, it should be done using the least privilege method. Not all of your devs and coders need access to those dependencies. Or maybe they need access to view and copy, but not to edit or share. There are ways to restrict this kind of access. <\/p>\n\n\n\n<p>The next step for businesses in this area is to hire an expert to review open-source repositories for internal code. The majority of workers who touch code inside an organization are already overworked and told to make concessions on projects to meet deadlines. They don\u2019t have time to look through open-source repositories for code, but someone needs to ensure the safety and security of your business and its proprietary information.&nbsp;<\/p>\n\n\n\n<p>If an ethical hacker can have this kind of success with the attack he planned, what is a threat actor going to be capable of? Birsan was already thinking outside the box when he planned this attack, something threat actors are constantly doing to stay ahead of law enforcement and security professionals. It\u2019s not a matter of \u201cif\u201d a hacker is going to try something similar, it\u2019s a matter of \u201cwhen.\u201d It is incredibly important to protect the code that your business uses, this is the stability, functionality and security of your livelihood and the livelihoods of your employees. It\u2019s not something to take lightly or gloss over thinking it can be done later. It cannot be done later, it must be done now, or it will be too late.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.<\/p>\n","protected":false},"author":1,"featured_media":1513,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[599,5,9,2129],"tags":[1569,2131,1910,31,2133,1674,2130,1905,2132,17,1878,1875],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.2 (Yoast SEO v22.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Novel Attack Via Open-Source Repositories - PWV Consultants<\/title>\n<meta name=\"description\" content=\"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Novel Attack Via Open-Source Repositories\" \/>\n<meta property=\"og:description\" content=\"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\" \/>\n<meta property=\"og:site_name\" content=\"PWV Consultants\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-18T21:18:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-02-18T21:18:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1707\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Pieter VanIperen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:site\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Pieter VanIperen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\"},\"author\":{\"name\":\"Pieter VanIperen\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\"},\"headline\":\"Novel Attack Via Open-Source Repositories\",\"datePublished\":\"2021-02-18T21:18:25+00:00\",\"dateModified\":\"2021-02-18T21:18:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\"},\"wordCount\":742,\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg\",\"keywords\":[\"code\",\"Cyberattack\",\"CyberSec\",\"Cybersecurity\",\"dependencies\",\"ethical hacking\",\"Novel Attack\",\"open-source\",\"Repositories\",\"Security\",\"testing\",\"White Hat Hack\"],\"articleSection\":[\"Coding\",\"Cyber Security\",\"DevOps\",\"Testing\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\",\"name\":\"Novel Attack Via Open-Source Repositories - PWV Consultants\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg\",\"datePublished\":\"2021-02-18T21:18:25+00:00\",\"dateModified\":\"2021-02-18T21:18:28+00:00\",\"description\":\"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg\",\"width\":2560,\"height\":1707,\"caption\":\"Double exposure of abstract creative programming illustration on computer background, big data and blockchain concept\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.pwvconsultants.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Novel Attack Via Open-Source Repositories\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"name\":\"PWV Consultants\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\",\"name\":\"PWV Consultants\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"width\":98,\"height\":84,\"caption\":\"PWV Consultants\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\",\"https:\/\/twitter.com\/PWV_Consultants\",\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\",\"name\":\"Pieter VanIperen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"caption\":\"Pieter VanIperen\"},\"description\":\"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Novel Attack Via Open-Source Repositories - PWV Consultants","description":"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/","og_locale":"en_US","og_type":"article","og_title":"Novel Attack Via Open-Source Repositories","og_description":"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.","og_url":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/","og_site_name":"PWV Consultants","article_publisher":"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","article_published_time":"2021-02-18T21:18:25+00:00","article_modified_time":"2021-02-18T21:18:28+00:00","og_image":[{"width":2560,"height":1707,"url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg","type":"image\/jpeg"}],"author":"Pieter VanIperen","twitter_card":"summary_large_image","twitter_creator":"@PWV_Consultants","twitter_site":"@PWV_Consultants","twitter_misc":{"Written by":"Pieter VanIperen","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#article","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/"},"author":{"name":"Pieter VanIperen","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4"},"headline":"Novel Attack Via Open-Source Repositories","datePublished":"2021-02-18T21:18:25+00:00","dateModified":"2021-02-18T21:18:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/"},"wordCount":742,"publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg","keywords":["code","Cyberattack","CyberSec","Cybersecurity","dependencies","ethical hacking","Novel Attack","open-source","Repositories","Security","testing","White Hat Hack"],"articleSection":["Coding","Cyber Security","DevOps","Testing"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/","url":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/","name":"Novel Attack Via Open-Source Repositories - PWV Consultants","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg","datePublished":"2021-02-18T21:18:25+00:00","dateModified":"2021-02-18T21:18:28+00:00","description":"A white-hat hack breached 35 companies with a novel attack. Internal business code should never be found on open-source repositories.","breadcrumb":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#primaryimage","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/02\/Novel-Attack-Open-Source-scaled.jpeg","width":2560,"height":1707,"caption":"Double exposure of abstract creative programming illustration on computer background, big data and blockchain concept"},{"@type":"BreadcrumbList","@id":"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pwvconsultants.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Novel Attack Via Open-Source Repositories"}]},{"@type":"WebSite","@id":"https:\/\/www.pwvconsultants.com\/blog\/#website","url":"https:\/\/www.pwvconsultants.com\/blog\/","name":"PWV Consultants","description":"","publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization","name":"PWV Consultants","url":"https:\/\/www.pwvconsultants.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","width":98,"height":84,"caption":"PWV Consultants"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","https:\/\/twitter.com\/PWV_Consultants","https:\/\/www.linkedin.com\/company\/pwv-consultants"]},{"@type":"Person","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4","name":"Pieter VanIperen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","caption":"Pieter VanIperen"},"description":"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.","sameAs":["https:\/\/www.linkedin.com\/company\/pwv-consultants"]}]}},"_links":{"self":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1500"}],"collection":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/comments?post=1500"}],"version-history":[{"count":5,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1500\/revisions"}],"predecessor-version":[{"id":1517,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1500\/revisions\/1517"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media\/1513"}],"wp:attachment":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media?parent=1500"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/categories?post=1500"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/tags?post=1500"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}