Apache Superset: A story of insecure default keys, thousands of vulnerable systems, few paying attention
Two out of three public-facing app instances open to hijacking Apache Superset until earlier this year shipped with an insecure default configuration that miscreants could exploit to login and take over the data visualization application, steal data, and execute malicious code.... [...]