session-hijacking
Safeguard articles tagged "session-hijacking" — guides, analysis, and best practices for software supply chain and application security.
7 articles
Citrix Bleed (CVE-2023-4966) Explained: Leaking Session Tokens Straight Past MFA
CVE-2023-4966, Citrix Bleed, let unauthenticated attackers read memory from NetScaler appliances and steal valid session tokens — hijacking sessions and bypassing multi-factor authentication.
Browser extension security risks for developers
Cyberhaven's Chrome extension breach hit 400,000 users in hours. Here's how attackers hijack trusted extensions, and how to detect the risk before it spreads.
What is Session Hijacking
Session hijacking lets attackers seize an active, authenticated session and bypass passwords and MFA entirely. Here's how it works and how to stop it.
Session Persistence Security Risks
CircleCI, Okta, Sourcegraph, and Codecov were all breached the same way: a session token outlived the trust that created it. Here's how session persistence becomes a supply chain risk.
Citrix Bleed CVE-2023-4966: Session Token Theft That Bypassed Every Authentication Control
Citrix Bleed allowed attackers to steal session tokens from NetScaler ADC, bypassing MFA and all authentication controls. LockBit ransomware used it to devastating effect.
Okta's Support System Breach: Identity Provider Under Fire Again
Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.
Session Management Security: A Complete Guide
Session management vulnerabilities enable account takeover, privilege escalation, and data theft. This guide covers session ID generation, storage, lifecycle, and the attacks that exploit weak session handling.