India TV

This cybersecurity vulnerability causes concern at CERT-In, can easily steal Aadhaar, PAN data

The Indian Computer Emergency Response Team (CERT-In) has reported an increase in a specific type of exploitation occurring in Indian cyberspace. This attack is related to the Insecure Direct Object ...
Threat Post

Uber Portal Leaked Names, Phone Numbers, Email Addresses, Unique Identifiers

Vulnerabilities in UberCENTRAL, a portal used by businesses to facilitate rides, could have leaked the names, phone numbers, email addresses, and unique IDs. A series of vulnerabilities in UberCENTRAL ...
Mashable

Popular e-card site has a bug that lets anyone access user photos

Card Factory, a popular UK-based greeting card business, stores some of its customers' data in an insecure way, letting anyone access their photos with an incredibly simple URL trick. The site was ...
moneycontrol.com

What is IDOR, the cyber security threat that has CERT-In worried

IDOR vulnerabilities are a silent threat to web applications, allowing unauthorized data access with minimal effort if left unchecked. The Indian Computer Emergency Response Team (CERT-In), recently, ...
Security Boulevard

IDOR Attacks and the Growing Threat to Your API Security – FireTail Blog

Common And Deadly IDOR attacks, or Insecure Direct Object Reference (IDOR) attacks, are one of the most common and costly forms of API breach. In an IDOR attack, hackers directly reference internal ...
Infosecurity-magazine.com

PII Exposed: Unauthenticated IDOR in WooCommerce Stripe Plugin

A critical security vulnerability has been discovered in the popular WooCommerce Stripe Gateway plugin, potentially exposing users’ personally identifiable information (PII). The vulnerability, an ...