Maddux notes that server side request forgery vulnerabilities crop up in other integrations across the web as well, not just with the Apple Pay module.

Researchers find 9.3/10 flaw in Docker Desktop for Windows and macOS The bug allows threat actors to compromise underlying hosts and tamper with data A fix was quickly released, so users should patch ...

A critical vulnerability in Docker Desktop for Windows and macOS allows compromising the host by running a malicious container, even if the Enhanced Container Isolation (ECI) protection is active.

Server-side request forgery (SSRF) attacks consist of an attacker tricking the server into making an unauthorized request. Defending against them can be relatively easy.

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access ...

Tag Archives: server side request forgery What We Can Learn from the Capital One Hack August 2, 2019 87 Comments ...

Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.

A server-side request forgery (SSRF) flaw in an API of a large financial technology (fintech) platform potentially could have compromised millions of bank customers, allowing attackers to defraud ...