Case Studies
Real Incidents Uncovered During Our Penetration Testing Engagements.
Case Study 1
Password Reset Token Leak
Learn about a critical security vulnerability discovered in a leading German bank's password reset system.
Recently, while working with one of Germany's largest banks, we came across a simple bug that can lead to a high-impact account takeover vulnerability. Importantly, a bug like this can easily be missed by automated scanners or tool-based testing.
Case Study 2
Prompt Injection in AI Chatbot
Learn how a critical AI chatbot vulnerability led to internal API token leakage during a recent security assessment.
A tech company integrated an AI chatbot into its website and product documentation to boost engagement, enhance user experience and automate support queries. The chatbot was designed to fetch live data from internal APIs, but it did so without proper isolation or access controls.