Bluspark Resolves Security Issues in Supply Chain Platform Bluvoyix

By  |  January 14, 2026
 | 

Shipping tech company Bluspark Global reportedly resolved security issues in its shipping and supply chain platform Bluvoyix.

    Get the Full Story

    Complete the form to unlock this article and enjoy unlimited free access to all PYMNTS content — no additional logins required.

    yesSubscribe to our daily newsletter, PYMNTS Today.

    By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions.

    The company did so after being notified of the vulnerabilities by security researcher Eaton Zveare, who found flaws that enabled access to shipping records and other customer data, TechCrunch reported Wednesday (Jan. 14).

    Bluspark eliminated the use of plaintext, unencrypted passwords, as well as the ability to remotely interact with its software, among other changes, according to the report.

    The company’s law firm told TechCrunch that Bluspark had remediated flaws and retained a third-party company to gain an independent assessment.

    Ming Lee, an attorney representing Bluspark, told the publication that the company is “confident in the steps taken to mitigate potential risk arising from the researcher’s findings,” per the report.

    Lee added that there was “no indication of customer impact or malicious activity attributable to the issues identified by the researcher,” according to the report.

    Advertisement: Scroll to Continue

    It was reported in May 2025 that criminals are using online supply chain platforms to facilitate “strategic theft,” a form of cargo theft in which fraudsters impersonate legitimate companies, book shipments and trick shippers, brokers or carriers into delivering cargo and/or payments to them instead of the legitimate companies.

    Strategic theft contributed to a 26% increase in the number of cargo theft incidents between 2023 and 2024, CNBC reported in May 2025, citing data from Verisk CargoNet.

    PYMNTS reported in August 2025 that in some cases, the weakest link in a company’s cybersecurity defenses is not the company itself, but a trusted vendor.

    Frequently, attackers compromise a vendor first, then use the trust relationship to infiltrate their target firm. These vendors may include cloud providers, software-as-a-service platforms, managed service providers and logistics partners.

    Investing and savings app Betterment said Monday (Jan. 12) that fraudsters gained unauthorized access to third-party platforms that it uses to support its marketing and operations. The fraudsters were then able to send unauthorized messages to Betterment’s customers and gain access to some customer information.

    In December 2025, it was reported that Goldman Sachs alerted some of its clients that their data may have been exposed due to a cybersecurity incident at one of the bank’s law firms.


    Recommended

    Bluspark Resolves Security Issues in Supply Chain Platform Bluvoyix

    Google Enables AI Assistant Gemini to Draw Information From Emails and Photos

    Bilt credit cards

    Bilt Debuts Cards With 10% Cap As Trump Seeks Lower Rates

    blockchain

    Figure Offers Companies Way to List Equity on Blockchain

    See More In: , , , , , , ,