Read more... Threatpost
SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts
Researchers discovered the vulnerability in an API already integrated into many bank systems, which could have defrauded millions of users by giving attackers access to their funds.