I’m new to the world of pen testing & bug bounty so don’t mind my noob questions.
I was doing a lil experimental check on some large news corps in Australia and I came across a News Corp’s API & SSO key.
I’m just wondering how much of a security risk is this for that News Corp?
Should I report it to them or is there different types/layers of API & SSO keys?
Apologies again for the noobness.
[link] [comments]
from hacking: security in practice https://ift.tt/KClkSTb
Comments
Post a Comment