Researcher compromised 35 companies through new “dependency confusion” attack

Information security expert Alex Birsan spoke about a new attack called “dependency confusion”. The problem is a variation of the supply chain attack. Besides the name “dependency confusion”, the attack is also called a “substitution attack”. For detecting this attack method, the researcher has already received more than $130,000 from various companies through bug…

New web skimmer found in Shopify, BigCommerce, Woocommerce and Zencart stores

Sansec experts have discovered a new multi-platform MageCart skimmer capable of stealing payment information from compromised stores. The web skimmer works in Shopify, BigCommerce, Zencart and Woocommerce stores (even if they don’t support custom scripts for checkout pages). Let me remind you that initially the name MageCart was assigned to one hack group, which was…

Researcher Earned More than $2,000,000 on HackerOne

HackerOne representatives said that Romanian cybersecurity specialist Cosmin Iordach (@inhibitor181) became the first researcher in the history of the project to earn more than $2,000,000 from bug bounties. He is also the seventh researcher to earn over a million dollars in just two years, a milestone he reached, receiving over $300,000 in just 90…