alt Hacker NewsAlso because nobody actively exploited them! You're using the word "detected" to mean "discovered", which nobody working in the field would ever do.
Also because nobody actively exploited them! You're using the word "detected" to mean "discovered", which nobody working in the field would ever do.
detected: WAF caught or detected the attack and raised an alert, post-exploitation
discovered: they audited or pentested themself and found out, preemptively
I just mean that Coinbase didn’t see anything happening and didn’t take action though the boy successfully exploited the vulnerability on their live system.