Close Menu
TechurzTechurz
    What's Hot

    Startup Battlefield Australia application closes in days: Apply before July 6

    June 30, 2026

    Acti puts AI agents directly into your smartphone keyboard

    June 30, 2026

    The DeepMind trio who built a poker AI are now making money for quant hedge funds

    June 30, 2026
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Tech Pulse
    • Startup Battlefield Australia application closes in days: Apply before July 6
    • Acti puts AI agents directly into your smartphone keyboard
    • The DeepMind trio who built a poker AI are now making money for quant hedge funds
    • Nvidia competitor Etched hits $5B valuation, $1B in sales for AI chip
    • Clicks shows off its BlackBerry-inspired phone in a new hands-on video
    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    TechurzTechurz
    • Home
    • Tech Pulse
    • Future Tech
    • AI Systems
    • Cyber Reality
    • Disruption Lab
    • Signals
    TechurzTechurz
    Home - Security - Samlify bug lets attackers bypass single sign-on
    Security

    Samlify bug lets attackers bypass single sign-on

    TechurzBy TechurzMay 22, 2025No Comments1 Min Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    authenticating login
    Share
    Facebook Twitter LinkedIn Pinterest Email


    The attackers then insert a second, fake assertion–claiming to be an admin–into the already obtained, signed XML snippet. Owing to lax parsing rules in samlify versions prior to 2.10.0, the service provider ends up processing the attacker’s fake, unsigned identity along with the original signature.

    Endor Labs researchers warned that this flaw opens the door to SAML SSO bypass and is easy to exploit as the “attack complexity is low”, “no privileges are required”, and “no user interaction is needed”. Additionally, the requirement for obtaining a signed XML was noted as “realistic”.

    SAML authenticators should update to patched versions

    The flaw has been addressed through patches in samlify versions 2.10.0 and later.

    attackers bug bypass lets Samlify signon single
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleHow NLP Testing Can Transform Automation Strategy Beyond Speed
    Next Article Who’s to Blame When AI Agents Screw Up?
    Techurz
    • Website

    Related Posts

    Opinion

    Retro, a photo-sharing app for friends, lets you ‘time-travel’ through your camera roll

    December 12, 2025
    Cyber Reality

    AI is becoming introspective – and that ‘should be monitored carefully,’ warns Anthropic

    November 3, 2025
    Cyber Reality

    Perplexity’s new AI tool lets you search patents with natural language – and it’s free

    November 3, 2025
    Add A Comment
    Latest Tech Pulse

    College social app Fizz expands into grocery delivery

    September 3, 20252,290

    SolarSquare in talks to raise up to $60M as India’s rooftop solar market draws major VC interest

    May 23, 202622

    Future of Digital Privacy and Security: 7 Truths Nobody Tells You

    May 25, 202619
    Stay In Touch
    • YouTube
    • WhatsApp
    • Twitter
    • Pinterest
    • LinkedIn

    Techurz helps readers stay ahead of digital change with clear, practical, future focused technology intelligence written today,searched tomorrow.

    X (Twitter) Pinterest YouTube LinkedIn WhatsApp
    Company
    • About Us
    • Contact Us
    • Our Authors / Editorial Team
    • Write For Us
    • Advertise
    Policy
    • Editorial Policy
    • Privacy Policy
    • Terms and Conditions
    • Affiliate Disclosure
    • Cookie Policy
    • Disclaimer
    • DMCA
    Explore
    • AI Systems
    • Cyber Reality
    • Future Tech
    • Disruption Lab
    • Signals
    • Tech Pulse
    • Sitemap

    Join the Techurz Brief

    The future does not arrive suddenly.
    Stay ahead with fast, sharp tech signals.

    Type above and press Enter to search. Press Esc to cancel.