Categories
Anti-malware

Now this might be going out on a limb, but here’s how a branch.io bug left ‘685 million’ netizens op

Tinder subdomain flaw turns into massive everybody flaw

 
By Shaun Nichols  12 Oct 2018
 

 

Bug-hunters have told how they uncovered a significant security flaw that affected the likes of Tinder, Yelp, Shopify, and Western Union – and potentially hundreds of millions of folks using these sites and apps.

 

The software sniffers said they first came across the exploitable programming blunder while digging into webpage code on dating websites. After discovering a Tinder.com subdomain – specifically, go.tinder.com – that had a cross-site scripting flaw, they got in touch with the hookup app’s makers to file a bug report.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software