A pair of security researchers have revealed vulnerabilities in the McHire chatbot Paradox developed for McDonald's that ...

A security flaw in McHire allowed access to sensitive applicant data via default admin credentials and a vulnerable API. The ...

Users could access accounts for up to 500 customers via an insecure direct object reference vulnerability which granted access when URL address were correctly manipulated.. The flaw was one of the ...

McDonald’s AI-powered hiring platform, McHire, has come under scrutiny after a critical security flaw exposed the personal data of up to 64 million job applicants. Researchers discovered that the ...

More than 64 million McDonald’s job applicants across the United States may have had their personal information exposed after ...

The Oxeye security research team found several high–severity insecure direct object reference (IDOR) vulnerabilities in Harbor, an open–source artifact registry developed by the Cloud Native Computing ...

Insecure Direct Object Reference (IDOR) is a significant cybersecurity vulnerability that enables attackers to gain unauthorised access to sensitive data by altering URL or form parameters.

Vulnerabilities in an API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants.

"Insecure Direct Object Reference vulnerabilities are those silent, underrated bugs, yet they are not uncommon," Jackson said. The DOD fixed the bug by adding a user session mechanism to the DOD ...

McDonald's is facing criticism after a weak default admin password exposed the data of 64 million job seekers, highlighting ...