Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Branch.io Flaws may have affected as many as 685 million individuals

Tinder-2
More than 685 million users may have been exposed to XSS attacks due to a flaw in Branch.io service used by Tinder, Shopify, and many others.

Security Affairs was the first to publish the news of aDOM-XSS Bug Affecting Tinder, Shopify, Yelp, and other dating application.

The flaws were disclosed a few days ago by the researchers atvpnMentor who explained that an attackercould have been exploited them to access Tinder users’ profiles.

“After initial reconnaissance steps were done, a Tinder domain with multiple client-side security issues was found – meaninghackers could have access to users’ profiles and details.

Immediately after finding these vulnerabilities, we contacted Tinder via their responsible disclosure program and started working with them.” reads the analysis published by vpnMentor.

“We learned that the vulnerable endpoint isn’t owned by Tinder, but bybranch.io, an attribution platform used by many big corporations around the globe. The Tinder security team helped...(continued)

View All Trending Stories