Free Post Report URI DBSC Beta at Report URI This week, I published a blog post about Device Bound Session Credentials, a new technology that will significantly hamper the efforts of Infostealers and reduce the damage caused by stolen...
Free Post Report URI Device Bound Session Credentials: Making Stolen Cookies Useless A stolen session cookie can be vastly more powerful than a stolen password. The attacker doesnโt need to phish the user, bypass MFA, or defeat their passkey; they simply...
Free Post Report URI Open-Sourcing passkeys-php: A Security-Focused WebAuthn Library for PHP We've open-sourced passkeys-php, the WebAuthn server library we use at Report URI to protect logins with passkeys, security keys, and platform authenticators like Touch ID, Face ID, and...
Free Post XSS XSS Is Deadly for Passkeys: The Hidden Risk of Attestation None A single XSS vulnerability can turn passkeys from a phishing-resistant login mechanism into a persistent account takeover backdoor. If malicious JavaScript can run on your page, it may be able...
Free Post Report URI Anatomy of a WooCommerce Skimmer: A Technical Deep-Dive One malicious change to a trusted JavaScript file can turn your checkout page into a silent credit-card skimmer, siphoning customer data off to criminals while the website looks secure and...
Free Post Report URI Under Attack: Responding to the Rise of Info-Stealer Threats We recently received a claim that Report URI had been breached and that customer credentials had been stolen. The claim was false: we do not store passwords in a recoverable...
Free Post Report URI Security considerations when using Passkeys on your website Passkeys are awesome and that's why we implemented them on Report URI! You can read about our implementation here and get the basics on how Passkeys work and...
Free Post Report URI Amazing Refresh โ A Malicious Chrome Extension Running Malware in the Browser We recently uncovered a malicious browser extension affecting visitors to customer websites. It injected JavaScript into pages, hijacked outbound clicks through affiliate infrastructure, and quietly monetised user traffic. We spotted...
Free Post Report URI Bringing in the experts; Having our Passkeys implementation Security Tested We recently announced support for Passkeys on your Report URI account, and everyone should go and enable Passkeys for the amazing security benefits they offer. As a new implementation of...
Free Post Passkeys Launching Passkeys support on Report URI! ๐๏ธ As we're always wanting to keep ahead in the security game, I'm happy to announce that we now support Passkeys on Report URI! Let's...
Follow