Hackers target unsecured Amex and Snapchat sites to steal user data - TechSpot

Maryland-based security firm Inky Security tracked attack activity related to the vulnerability from mid-May through mid-July. The phishing attack relies on a known open redirect vulnerability (CWE-601)...

Why it matters: An email-focused security firm released a blog post detailing a phishing attack targeting unsecured American Express and Snapchat sites. The identified exploit uses a known open redir… [+2403 chars]

full article...