i think you're missing the fact that that indeed is not a security email, and the engineering/security email i found bounced.

i had no ill intentions. stop pretending i did.

Sadly, most developers don't know this and continue to write from frontend, almost all of the apps and websites we found did this.

I agree for the most, but there was some good apples (even though very few) that were very thankful and fixed it fast.

True, but also better than threat actors getting to it and dumping the DB, causing more problems for the customers.

I agree! Supabase does it pretty good.

I agree, but I also disagree.

The concept with firebase DB's is flawed IMO, I never got the point of directly accessing a DB in the frontend, or allowing that even with security rules, it just seems like it would cause problems.

We believe the gambling ring is based in Indonesia, which is uncommon to use Line, but they seem to be using it here for all of their customer support across all sites.

Yeah, funny how that works.

Services as time goes on makes making websites easier, and abstracts more stuff, which makes devs oblivious to what they have to configure.

Thank you! Means a lot, helps us keep going.

Must've used the twitch chat dataset