Worldwide Server-side Cache Poisoning on All Akamai Edge Nodes ($50K+ Bounty Earned) (medium.com)

submitted 2 years ago* (last edited 2 years ago) by brombek@lemmy.ml to c/security@lemmy.ml

0 comments fedilink hide all child comments

So one could have replace a JS file with one fetched from attacker controlled server for any site behind Akamai like LastPass or PayPal. That JS could have exfiltrated all the secrets from these sites on the client side (post decryption) or replace account numbers with their own on behalf of the user.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here

this post was submitted on 05 Oct 2022

0 points (NaN% liked)

Security

5001 readers

1 users here now

Confidentiality Integrity Availability

founded 4 years ago

MODERATORS

gary_host_laptop@lemmy.ml