bug-bounty223
google197
microsoft163
facebook157
apple120
rce91
exploit74
web351
open-source44
smart-contract42
defi41
ethereum38
ai-agents36
writeup36
docker35
access-control35
aws34
malware34
cve33
cloudflare32
react31
ssrf31
dos30
sqli29
supply-chain26
bragging-post24
smart-contract-vulnerability23
xss23
node22
account-takeover22
wordpress20
automation20
race-condition20
privilege-escalation20
oauth19
browser19
tool19
idor19
cors19
machine-learning18
authentication-bypass18
vulnerability-disclosure17
denial-of-service17
cloud17
ctf17
llm17
buffer-overflow16
sql-injection16
phishing16
rust16
0
5/10
incident-report
A developer's PostgreSQL instance running in Docker was publicly exposed with default credentials (postgres:postgres), allowing an automated attacker to delete the database and demand ransom. The root causes were Docker's default port binding behavior, missing firewall rules, and default credentials left unchanged.
postgresql
docker-security
firewall
ufw
default-credentials
exposed-database
ransomware
linux
misconfiguration
operational-security
Akseli Lahtinen
scalie.computer
linkhut
PostgreSQL
Docker
UFW