fbpx

Episode 94: Hosting Provider Exposed 63 Million Customer Records

GET UP TO $500K IN BUSINESS FUNDING

A hosting provider exposed over 63 million customer records via an open elastic search database containing verbose logs with plain-text username/password credentials for numerous WordPress, Magento and other sites. We also talk about the security updates in WordPress 5.5.2/5.5.3 and the accidental 5.5.3-alpha autoupdate.

We talk about object injection vulnerabilities like the one discovered in the Welcart e-Commerce plugin and how POP chain attacks work.

And Google’s Project Zero finds a high-severity vulnerability in GitHub Actions not fixed within the 90-day disclosure grace period.

Here are timestamps and links in case you’d like to jump around, and a

This post was originally published on this site

BUILD A WEBSITE: RESOURCES

Pin It on Pinterest

Share This
Xiphos Web Marketing

FREE
VIEW