The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,953 other followers

I’m harvesting credit card numbers and passwords from your site. Here’s how.

Posted by jpluimers on 2020/01/14

Below is one of the reasons I try to stay on the back-end side of things. Those are complex enough to focus on for me.

[WayBackI’m harvesting credit card numbers and passwords from your site. Here’s how.

It basically comes down to:

  • anything in the same page has access to anything happening on that page.
  • be careful when using npm and ad networks.
  • perform security operations in a light-weight iframe that is scrutinized.

The source of any npm package might be different from the source you find in a the underlying repository. This recursively holds for all the other npmit pulls in.


via: [WayBackJeroen Wiert Pluimers – Google+

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: