1 bug, $50k in bounties, a Zendesk backdoor


1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems. This meant an attacker could effectively join any ongoing support conversation, and read sensitive information—all because Zendesk didn’t have proper safeguards against email spoofing. If you enjoyed this write-up and want to stay updated on more of my bug hunting adventures, follow me on Twitter/X @hackermondev for future blog posts and insights.
