bug-bounty242
google206
facebook167
microsoft166
apple124
rce95
exploit84
web351
open-source44
smart-contract42
defi41
writeup40
ethereum38
aws37
dos36
docker36
ai-agents36
sqli36
access-control35
cloudflare35
malware34
cve34
react32
ssrf32
xss27
supply-chain26
account-takeover25
bragging-post24
idor24
smart-contract-vulnerability23
subdomain-takeover23
browser22
node22
cors21
wordpress21
privilege-escalation21
oauth21
automation20
race-condition20
cloud19
tool19
machine-learning18
authentication-bypass18
pentest18
llm17
vulnerability-disclosure17
ctf17
denial-of-service17
buffer-overflow16
phishing16
0
5/10
incident-report
A developer's PostgreSQL instance running in Docker was publicly exposed with default credentials (postgres:postgres), allowing an automated attacker to delete the database and demand ransom. The root causes were Docker's default port binding behavior, missing firewall rules, and default credentials left unchanged.
postgresql
docker-security
firewall
ufw
default-credentials
exposed-database
ransomware
linux
misconfiguration
operational-security
Akseli Lahtinen
scalie.computer
linkhut
PostgreSQL
Docker
UFW