McDonald’s AI Hiring Tool McHire Security Flaw Exposed Candidate Chat Data

Major security flaw in McDonald's McHire platform exposed 64M job applications. Discover how an IDOR vulnerability and weak…...

McDonald’s Ice Cream Machine Hackers Say They Found the ‘Smoking Gun’ That Killed Their Startup

Kytch, the company that tried to fix McDonald’s broken ice cream machines, has unearthed a 3-year-old email it says proves claims of an alleged plot to undermine their business...

42,000 phishing domains discovered masquerading as popular brands

By Deeba Ahmed According to researchers, this scam is highly sophisticated and large-scale, targeting brands like McDonald’s, Unilever, Emirates, Knorr, Coca-Cola, etc. This is a post from HackRead.com Read the original post: 42,000 phishing domains discovered masquerading as popular brands...

mcdonalds.lv Cross Site Scripting vulnerability OBB-2676381

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Ice Cream Machine Hackers Sue McDonald's for $900 Million

Kytch alleges that the Golden Arches crushed its business—and left soft serve customers out in the cold...

McDonald’s Email Blast Includes Password to Monopoly Game Database

McDonald’s UK Monopoly VIP game kicked off at the end of August, and a recent round of emails sent to winners of the game’s various prizes included more than a coupon for free fries. The franchise accidentally inserted passwords for a McDonald’s server that hosted information tied to the UK...

Hacking McDonald's for Free Food

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany end with a link to a survey page. Once you take the survey, you receive a coupon code for a free small beverage, redeemable within a...

Hacking the McDonald's Monopoly Sweepstakes

Long and interesting story -- now two decades old -- of massive fraud perpetrated against the McDonald's Monopoly sweepstakes. The central fraudster was the person in charge of securing the winning tickets...

restaurants.mcdonalds.fr XSS vulnerability

Open Bug Bounty ID: OBB-659442 Description| Value ---|--- Affected Website:| restaurants.mcdonalds.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

www1.development.mcdonalds.com Improper Access Control vulnerability

Open Bug Bounty ID: OBB-636873 Description| Value ---|--- Affected Website:| www1.development.mcdonalds.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:|...

mcdonalds.com XSS vulnerability

Open Bug Bounty ID: OBB-555266 Description| Value ---|--- Affected Website:| mcdonalds.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based...

mcdonalds.com IFRAME Injection vulnerability

Vulnerable URL: https://www.mcdonalds.com/us/en/errors/404.emailform.html?hidSendEmail=no=vega¤tPageTitle=404¤tPageUrl=http://www.mcdonalds.com/us/en/errors/404.html¤tPagePath=1=1" src= XANY Details: Description| Value ---|--- Patched:| Yes, at...

mcdonalds.com XSS vulnerability

Vulnerable URL: https://www.mcdonalds.com/us/en/errors/404.emailform.html?hidSendEmail=no=vega¤tPageTitle=404¤tPageUrl=http://www.mcdonalds.com/us/en/errors/404.html¤tPagePath=1=1" src=--'"to=1name=Joey=1 Details: Description| Value ---|--- Patched:| Yes, at 27.09.2017 Latest check for...

mcdonalds.md XSS vulnerability

Vulnerable URL: http://www.mcdonalds.md/?m=default=getCaptchaImg=algebric=2cf0605e7e6acab1c7a45337c1e9f833?search=xss%3Cimg%20src=x%20onerror=confirm%22OPENBUGBOUNTY%22%3E& Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability...

www1.staging.mcdonalds.com XSS vulnerability

Vulnerable URL: http://www1.staging.mcdonalds.com/googleapps/GoogleArabicSearchAction.do?method=googlesearchLocation=kw=ar=';alert/OPENBUGBOUNTY/;x=' Details: Description| Value ---|--- Patched:| Yes, at 26.09.2017 Latest check for patch:| 26.09.2017 23:03 GMT Vulnerability type:| XSS Vulnerabili...

Un-HappyMeal: Complaint Alleges McDonald's WiFi was Platform for Devastating Pharma Hack

Suppose you’re a IT professional who has an axe to grind against your employer, and knowledge of the company’s network and access necessary to really do some damage. You might consider launching said attack from a free, public Wi-fi hotspot, like the ones offered at chains like McDonald’s. That...

Hackers Steal Customer Data from McDonald's Partner Database

McDonald's is collaborating with law enforcement after malicious hackers infiltrated another company's database and stole information about an unknown number of the fast-food chain's customers. McDonald's has alerted potentially affected customers via email and through a message on its website. "...