OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking

Published on January 28, 2025

Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. "By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf – including

Continue reading on website
Other news

Barracuda Aims To Boost Email Protection With New Account Takeover, Threat Mitigation Capabilities

January 28, 2025
Barracuda is debuting a major set of new email protection capabilities along with new bundles and complimentary support for partners, according to Chief Product Officer Neal Bradbury.

Dell, CrowdStrike Co-Engineer MDR For PowerProtect Storage

January 28, 2025
Dell and CrowdStrike have co-engineered new MDR capabilities for Dell’s PowerProtect storage, giving it 64 indicators of compromise and around-the-clock monitoring for threats inside the backup storage device.