Recent security breaches

Latest posts

XSS Case Study

Explore the key elements of this Cross-Site Scripting vulnerability in the Google search engine.

API vulnerability: Wild card to win USPS customer data

The US Postal Service launched its Informed Visibility program last year to provide better insight into its mailstream service. For example, one can obtain near real-time notifications about delivery dates and identify trends. However, it made much more data available than intended: at least 60 million customers were exposed to anyone registered on http://www.usps.com.

The three fatal bugs behind the Facebook breach

The Facebook breach was discovered after the social media company saw an unusual spike of user activity that began on September 14, 2018. A few days later, on Tuesday, September 25, Facebook’s engineering team discovered an unprecedented security issue that affected about 30 million users. The social media giant says the flaw has been patched, but the people behind this attack are still unknown.

Report a vulnerability in a responsible way!

If you have found a vulnerability and you want to act responsibly, discretion is most important. Always remember you have information that can be exploited by black-hats putting not only the...

Broken Access Control

In this article we cover examples of broken access control, how to find it in your application and possible consequences. Access control, or authorization, is how a web application grants access to...

Get to know your way around recent security breaches