30 Apr 2021

API Hole on Experian Partner Site Exposes Credit Scores

A Rochester Institute of Technology sophomore discovered a vulnerability on a partner website of Experian that allows anyone to look up credit scores with a name and mailing address. Bill Demirkapi found the leak when he was looking for information about student loan vendors online.  He discovered the code behind

Read More
17 Nov 2020

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

Popular dating site Bumble has accidentally exposed the personal information of 100 million users due to an API bug. Information disclosed includes political leanings, education, distance, height, weight, and other sensitive data that could be of interest to hackers or foreign adversaries. A researcher at Independent Security Evaluators discovered the

Read More