Summary
NationStates took its platform offline after an attacker exploited a double-parsing vulnerability in the Dispatch Search feature to achieve remote code execution and steal user data.
Take Action:
Never use MD5 for password storage because it is trivial to crack with modern hardware, leaving your users vulnerable to credential stuffing. If you are a user of a breached service, immediately change that password everywhere else you use it to stay ahead of automated attacks.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)