Safeguard
Tag

session-hijacking

Safeguard articles tagged "session-hijacking" — guides, analysis, and best practices for software supply chain and application security.

7 articles

Vulnerability Analysis

Citrix Bleed (CVE-2023-4966) Explained: Leaking Session Tokens Straight Past MFA

CVE-2023-4966, Citrix Bleed, let unauthenticated attackers read memory from NetScaler appliances and steal valid session tokens — hijacking sessions and bypassing multi-factor authentication.

Jul 6, 20265 min read
Application Security

Browser extension security risks for developers

Cyberhaven's Chrome extension breach hit 400,000 users in hours. Here's how attackers hijack trusted extensions, and how to detect the risk before it spreads.

Apr 28, 20267 min read
Vulnerability Analysis

What is Session Hijacking

Session hijacking lets attackers seize an active, authenticated session and bypass passwords and MFA entirely. Here's how it works and how to stop it.

Mar 26, 20267 min read
Industry Analysis

Session Persistence Security Risks

CircleCI, Okta, Sourcegraph, and Codecov were all breached the same way: a session token outlived the trust that created it. Here's how session persistence becomes a supply chain risk.

Nov 1, 20258 min read
Zero-Day Exploits

Citrix Bleed CVE-2023-4966: Session Token Theft That Bypassed Every Authentication Control

Citrix Bleed allowed attackers to steal session tokens from NetScaler ADC, bypassing MFA and all authentication controls. LockBit ransomware used it to devastating effect.

Nov 8, 20236 min read
Incident Response

Okta's Support System Breach: Identity Provider Under Fire Again

Okta disclosed that attackers used stolen credentials to access its customer support system, downloading HAR files containing session tokens for multiple customers.

Oct 20, 20235 min read
Web Security

Session Management Security: A Complete Guide

Session management vulnerabilities enable account takeover, privilege escalation, and data theft. This guide covers session ID generation, storage, lifecycle, and the attacks that exploit weak session handling.

Feb 5, 20235 min read
session-hijacking — Safeguard Blog