Traceable Breach Analysis

The Shopify Breach: Why Authz Exploits Slip by Most Security Defenses
What Happened: As part of a bug bounty, the security researcher Uzsunny found a critical vulnerability on the Shopify platform. The vulnerability allowed the attacker to assign himself as a “collaborator” to ...

Why Was Facebook Vulnerable to an Authentication Exploit?
What Happened: As part of a bug bounty program, the AppSecure cybersecurity research team found a vulnerability in the authentication mechanism of Facebook. It gave them the ability to potentially gain full ...

The Uber API Authorization Vulnerability
What Happened: In September 2019, a critical bug was discovered in the Uber API, which allows merchants, service providers and others to offer ride-sharing services to customers. Uber had exposed a vulnerable application programming interface ...

Modern AppSec and Supply Chain Attacks – Three Challenges
The recent news about the SolarWinds breach has focused on the difficulty and challenges a supply chain attack presents. In the case of what Microsoft is calling “Solorigate,” the attackers modified a DLL deep ...