Cross-site Request Forgery (CSRF)

facebook-sdk is vulnerable to cross-site request forgery CSRF. It does not support the state property in auth urls for CSRF detection, allowing CSRF attacks based on state mutation...

Unity Web Player Zero-Day Vulnerability Disclosed

Some detail has been disclosed about a zero-day vulnerability in the Unity Web Player browser plugin that can allow an attacker to use a victim’s credentials to read messages or otherwise abuse their access to online services. The partial disclosure was made after nearly six months of bug-report...

Facebook SDK vulnerability threatening millions of mobile phone users accounts-vulnerability warning-the black bar safety net

From MetaIntell the smartphone leadership risk management（MRM）security researchers, found a latest version of Facebook SDK vulnerability in the vulnerability exposes millions of Facebook user's authentication token, it still sounds very scary. ! Facebook for Android and IOS SDK provides the use o...