Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
3 résultats taggé recruitment  ✕
Would you like an IDOR with that? Leaking 64 million McDonald’s job applications https://ian.sh/mcdonalds
10/07/2025 06:50:49
QRCode
archive.org
thumbnail

Ian Carroll, Sam Curry / ian.sh
When applying for a job at McDonald's, over 90% of franchises use "Olivia," an AI-powered chatbot. We discovered a vulnerability that could allow an attacker to access more than 64 million job applications. This data includes applicants' names, resumes, email addresses, phone numbers, and personality test results.

McHire is the chatbot recruitment platform used by 90% of McDonald’s franchisees. Prospective employees chat with a bot named Olivia, created by a company called Paradox.ai, that collects their personal information, shift preferences, and administers personality tests. We noticed this after seeing complaints on Reddit of the bot responding with nonsensical answers.

During a cursory security review of a few hours, we identified two serious issues: the McHire administration interface for restaurant owners accepted the default credentials 123456:123456, and an insecure direct object reference (IDOR) on an internal API allowed us to access any contacts and chats we wanted. Together they allowed us and anyone else with a McHire account and access to any inbox to retrieve the personal data of more than 64 million applicants.

We disclosed this issue to Paradox.ai and McDonald’s at the same time.

06/30/2025 5:46PM ET: Disclosed to Paradox.ai and McDonald’s
06/30/2025 6:24PM ET: McDonald’s confirms receipt and requests technical details
06/30/2025 7:31PM ET: Credentials are no longer usable to access the app
07/01/2025 9:44PM ET: Followed up on status
07/01/2025 10:18PM ET: Paradox.ai confirms the issues have been resolved

ian.sh EN 2025 McHire chatbot recruitment McDonald vulnerabilies
Ransomware Recruitment Efforts Following Law Enforcement Disruption https://www.guidepointsecurity.com/blog/t-o-x-i-n-b-i-o-ransomware-recruitment-efforts-following-law-enforcement-disruption/
22/03/2024 09:06:54
QRCode
archive.org
thumbnail

In late 2023 and early 2024, the ransomware ecosystem experienced repeated disruption of its most prolific Ransomware-as-a-Service (RaaS) groups at the hands of international Law Enforcement (LE). Alphv’s dark web data leak site was seized, then unseized, then re-seized in a December 2023 law enforcement operation that seemingly failed to deter the group – until AlphV ultimately claimed to disband via an apparent exit scam, immediately following a high-profile attack against Change Healthcare in March 2024. LockBit experienced a far more dramatic and well-marketed disruption, “Operation Cronos,” in February 2024, leading to the compromise of its infrastructure, internal operational details, and data. While LockBit has ostensibly continued operations, its highly publicized disruption raises the question of whether the group will be able to continue operating and attracting affiliates at the level they once enjoyed.

guidepointsecurity EN 2024 Ransomware Recruitment Disruption Operation-Cronos
IT specialists search and recruitment on the dark web https://securelist.com/darknet-it-headhunting/108526/
30/01/2023 11:20:30
QRCode
archive.org
thumbnail

We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks like.

securelist EN 2023 Darknet Data-theft Hackers Malware Malware-Creators recruitment profiling
4569 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio