Huge OneFly data breach sees traveler IDs and payment details leaked

Full payment data, in cleartext, was leaked ...
Threat Post

Critical Vulnerabilities Affect JSON Web Token Libraries

Critical vulnerabilities exist in several JSON Web Token (JWT) libraries – namely the JavaScript and PHP versions – that could let an attacker bypass the verification step. Critical vulnerabilities ...
Cybernews

Travelers beware: thousands of customer IDs and full payment details leaked

OneFly exposed thousands of travel records including credit cards, ID documents, and flight details through an unsecured Elasticsearch instance discovered in October 2025.
Security Boulevard

What Is a Security Token Service?

Learn how a Security Token Service (STS) brokers trust in Enterprise SSO and CIAM. Explore token issuance, validation, and federated identity for CTOs.