ibm

3 articles
sort: new top best
clear filter
bug-bounty512 xss297 google214 rce180 microsoft174 facebook161 exploit143 account-takeover118 bragging-post117 malware112 cve102 apple102 privilege-escalation92 csrf88 authentication-bypass79 stored-xss75 open-source68 phishing67 writeup67 reflected-xss63 access-control62 web-security60 ai-agents59 ssrf55 browser53 input-validation52 dos50 reverse-engineering49 defi48 smart-contract48 cross-site-scripting48 sql-injection46 ethereum45 cloudflare43 lfi41 information-disclosure40 supply-chain39 api-security39 oauth39 react38 web337 race-condition37 web-application37 burp-suite36 tool35 ctf35 idor33 smart-contract-vulnerability33 pentest33 html-injection33
0 6/10
Critical Bypass CSRF protection
bug-bounty

A researcher discovered a CSRF protection bypass on IBM's account management endpoint by exploiting Referer header validation. The vulnerability allowed changing user email addresses via GET requests using a path traversal technique (hosting the IBM URL as a path on an attacker's domain) to bypass Referer checks.

csrf csrf-bypass referer-header-bypass ibm account-takeover bug-bounty web-security authentication-bypass
IBM Mohamed Sayed
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 11 hours ago · details
0 2/10
Iran plots 'infrastructure warfare' against US tech giants
threat-intel

Iran's state media published a list of 29 tech infrastructure facilities owned by US companies (Amazon, Google, Microsoft, IBM, Nvidia, Oracle, Palantir) across the Middle East designated as legitimate targets for retaliatory strikes, following Iran's claimed drone attacks on AWS datacenters in the UAE and Bahrain.

infrastructure-attack state-sponsored threat-intel cloud-infrastructure datacenter geopolitical iran aws google microsoft ibm oracle palantir nvidia physical-attack drone-strike
Iran IRGC Tasnim Amazon AWS Google Microsoft IBM Nvidia Oracle Palantir Khatam al-Anbiya Al Jazeera The Register Snowflake Red Hat EMQX
theregister.com · samizdis · 2 days ago · details · hn
0 3/10
Iran warns U.S. tech firms could become targets as war expands
threat-intel

Iranian state media has publicly named major U.S. tech companies (Google, Microsoft, Palantir, IBM, Nvidia, Oracle) as potential military targets, warning that the regional conflict is expanding into digital infrastructure. Recent Iranian drone strikes have already damaged AWS data centers in the UAE and Bahrain, demonstrating practical capability to target critical cloud and data-center operations.

threat-intel geopolitical infrastructure-attack cloud-security data-center-security drone-strikes gps-jamming electronic-warfare iran middle-east aws google microsoft palantir oracle nvidia ibm
Iran Tasnim News Agency Islamic Revolutionary Guard Corps (IRGC) Google Microsoft Palantir IBM Nvidia Oracle Amazon Web Services (AWS) Bank Sepah Khatam al-Anbiya Headquarters Israel United States UAE Bahrain
wired.me · Fricken · 2 days ago · details · hn