The Shopify Breach: Why Authz Exploits Slip by Most Security Defenses

Spread the love

What Happened As part of a bug bounty, the security researcher Uzsunny found a critical vulnerability on the Shopify platform. The vulnerability allowed the attacker to assign himself as a “collaborator” to any store on Shopify without approval from the store’s manager. Collaborators have full access to perform any action on the store, including reading […]
The post The Shopify Breach: Why Authz Exploits Slip by Most Security Defenses appeared first on DevOps.com.

Next Post

Mark Your Calendars and Meet the Best in Tech at Cloud-Native Days with Kubernetes

Mon Aug 2 , 2021
Spread the loveAfter over a year of dreaded isolation, many of us are ready to return to the networking and social atmosphere of pre-COVID life. While physical proximity continues to be a struggle, virtual proximity through events like virtual summits and teleconference meetings, is getting increasingly more helpful amidst the […]