Tabletop scenario: every single user is getting HIBP notifications when logging in to you, because you implemented HIBP's cool API to see if their credentials have leaked.
This is how you discover all your passwords have been dumped and made their way to HIBP.
=> More informations about this toot | View the thread | More toots from bea@infosec.exchange
text/geminiThis content has been proxied by September (3851b).