Jeremy Kirk (@jkirk.bsky.social) / @Jeremy_Kirk (RSS Feed) on Nostr: This might be the software bug of the year. @wiz\_io ...
This might be the software bug of the year. @wiz\_io (https://nitter.moomoo.me/wiz_io)
found a XSS flaw that could steal O365 session tokens from anyone using Bing for search. Part of the problem was a misconfig of Azure AD and the integration between Bing and O365. Wild: wiz.io/blog/bingbang (https://www.wiz.io/blog/bingbang)#infosec (https://nitter.moomoo.me/search?q=%23infosec)
https://nitter.moomoo.me/pic/card_img%2F1641146125427126272%2Fe4_9D5rt%3Fformat%3Djpg%26name%3D800x419
https://nitter.moomoo.me/Jeremy_Kirk/status/1641253047585198080#m
found a XSS flaw that could steal O365 session tokens from anyone using Bing for search. Part of the problem was a misconfig of Azure AD and the integration between Bing and O365. Wild: wiz.io/blog/bingbang (https://www.wiz.io/blog/bingbang)#infosec (https://nitter.moomoo.me/search?q=%23infosec)
https://nitter.moomoo.me/pic/card_img%2F1641146125427126272%2Fe4_9D5rt%3Fformat%3Djpg%26name%3D800x419
https://nitter.moomoo.me/Jeremy_Kirk/status/1641253047585198080#m