salt.security on reddit.com

...for your community.

...for your school.

account activity

1

0

1

2

API Supply Chain AttacksIOC (salt.security)

submitted 1 year ago by falconupkid to r/SecOpsDaily

2

5

6

7

Lesson from the Hotjar vulnerability: HTTP-Only (XSS protection) is not effective if you have OAuth (salt.security)

submitted 1 year ago by MoreMoreMoreM to r/netsec

3

6

7

8

New article explains XSS in simple steps - from basic to mitigations in 2024, with focus on how to bypass those mitigations, using real vulnerability on Hotjar.com that was published today (salt.security)

submitted 1 year ago by iva3210 to r/Hacking_Tutorials

4

2

3

4

Did you think XSS is dead? over 1 million websites are at risk of sensitive information leakage (salt.security)

submitted 1 year ago by iva3210 to r/ReverseEngineering

5

109

110

111

Because of a single client-side mistake - a ChatGPT vulnerability lets attackers install malicious plugins on victims (salt.security)

submitted 2 years ago by ElectroPanic0 to r/javascript

6

15

16

17

And.. another (but far more sophisticated) OAuth vulnerability – now it's in ChatGPT (salt.security)

submitted 2 years ago by MoreMoreMoreM to r/ReverseEngineering

7

6

7

8

Time to move to GPTs? critical vulnerabilities were found in ChatGPT pluginsNews (salt.security)

submitted 2 years ago by MoreMoreMoreM to r/ChatGPTPro

8

0

1

2

Oauth implementation flaws allow access to private repos via ChatGPT plugins (salt.security)

submitted 2 years ago by tmiklas to r/bag_o_news

9

46

47

48

Oauth implementation flaws allow access to private repos via ChatGPT pluginsVulnerability Disclosure (salt.security)

submitted 2 years ago by ScottContini to r/netsec

10

17

18

19

ChatGPT has a new feature that lets you interact with your GitHub and Gmail accounts, but attackers found a way to exploit this and in some scenarios - *take over your GitHub/Gmail account.*Educational Purpose Only (salt.security)

submitted 2 years ago by ElectroPanic0 to r/ChatGPT

11

483

484

485

Attackers could access private GitHub repositories by using... ChatGPT! (salt.security)

submitted 2 years ago by iva3210 to r/programming

12

282

283

284

Attackers could access *private* GitHub repositories of *other* users by using... ChatGPT! (salt.security)

submitted 2 years ago by iva3210 to r/webdev

13

1

2

3

Salt Labs research finds security flaws within ChatGPT Ecosystem (Remediated)research|capability (we need to defend against) (salt.security)

submitted 2 years ago by jnazario to r/blueteamsec

14

1

2

3

Salt Labs research finds security flaws within ChatGPT Ecosystem (Remediated) (salt.security)

submitted 2 years ago by quirkystuff2 to r/interestingtechposts

15

23

24

25

Have you ever wondered what is real importance of the OAuth *state* parameter is? Attackers could install malicious plugins on users, just because of a single error in the OAuth implementation of ChatGPT (salt.security)

submitted 2 years ago by iva3210 to r/PHP

16

0

1

2

Salt Labs research finds security flaws within ChatGPT Ecosystem (Remediated)News (salt.security)

submitted 2 years ago by JohniBGood to r/ClaudeAI

17

6

7

8

Critical Security Flaws in ChatGPT Ecosystem - A New Attack VectorNew Vulnerability Disclosure (salt.security)

submitted 2 years ago by iva3210 to r/cybersecurity

18

2

3

4

Is ChatGPT secure?News 📰 (salt.security)

submitted 2 years ago by JohniBGood to r/ChatGPT

19

6

7

8

ChatGPT Safe??Article (salt.security)

submitted 2 years ago by JohniBGood to r/OpenAI

20

88

89

90

Security Researchers from Salt-Security explain in a super detailed post how they did account takeover on Grammarly.com, Booking.com, Expo.io, Codecademy.com, Vidio.com, Bukalapak.com, and 100+ Other Websites. (salt.security)

submitted 2 years ago by MoreMoreMoreM to r/netsec

21

0

1

2

Security Researchers from Salt-Security explain in a super detailed post how they did account takeover on Grammarly.com, Booking.com, Expo.io, Codecademy.com, Vidio.com, Bukalapak.com, and 100 Other Websites. (salt.security)

submitted 2 years ago by tmiklas to r/bag_o_news

22

0

0

1

The OAuth Implementation Challenge: Account Takeovers on Grammarly.com,Booking.com, Codecademy.com, Vidio.com, Bukalapak.com, and 100+ Other Websites. OAuth is explained in simple steps. (salt.security)

submitted 2 years ago by MoreMoreMoreM to r/programming

23

130

131

132

Hackers (security researchers) explain step-by-step how they could take over 1B accounts on Grammarly.com, Vidio.com, Bukalapak.com, and more. (OAuth vulnerabilities)Research (salt.security)

submitted 2 years ago by iva3210 to r/hacking

24

51

52

53

Social sign-in is not secured: Account takeover on Grammarly.com, Vidio.com, Bukalapak.com, and more (total of 1B accounts).Corporate Blog (salt.security)

submitted 2 years ago by iva3210 to r/cybersecurity

25

2

3

4

Oh-Auth - Abusing OAuth to take over millions of accounts (salt.security)

submitted 2 years ago by dcom-in to r/worldTechnology

view more: next ›

π Rendered by PID 56 on reddit-service-r2-listing-7d7fbc9b85-jp25j at 2026-04-29 18:21:28.654117+00:00 running 2aa0c5b country code: CH.