Replying to Avatar DETERMINISTIC OPTIMISM 🌞

"Login with Google" Pwn, boy this will be probably one of the biggest hacks in history...

AFAIK, attackers were able to fool google into thinking they owned your domain, some DNS attack or business logic flaw. Then signup for google workspace with your domain, then go and login into any service that had "Login with Google"...

That's as thirsty one

DNS is a shitcoin too.

Seeing some reports on twitter that seems to validate this. No public comms yet.
Avatar
shadow06 1y ago

Whats sad is that none of these projects had the task on their board. The state of security in this space blows my mind.

Reply to this note

Please Login to reply.

Discussion

No replies yet.