Summary
Key Points:
- Taboola's pixel redirects logged-in banking users to a Temu tracking endpoint without user consent or knowledge, exposing potential compliance violations.
- The incident affects financial institutions that utilize Taboola's services, leading to GDPR and PCI DSS compliance risks due to unauthorized data sharing and tracking.
- Security teams should extend their monitoring to the runtime behavior of third-party scripts rather than relying only on the vendor domains declared in a Content Security Policy.
Technical Details: The article highlights a gap in security controls: the browser follows redirects issued by an approved domain, and the final destination of that redirect chain is never validated against the allowlist. An approved vendor pixel can therefore hand a user's banking session off to an unlisted tracking endpoint.
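The following is an added example, not code from the article or from any of the vendors it names, of the check the two points above call for: resolve the full redirect chain behind a tracking pixel and compare every hop, not just the first request, against the hosts allowlisted in the page's CSP. The domains, the CSP header and the redirect map are constructed for the example; in a real audit the map would come from observed Location headers (HAR export, proxy log or a headless browser).

```python
"""Resolve a tracking-pixel redirect chain and flag hops that fall outside
the vendor hosts declared in a Content-Security-Policy directive.

All hosts, the CSP header and the redirect map below are constructed
sample data for this example; they are not real endpoints.
"""
from urllib.parse import urlparse

# Constructed sample: request URL -> Location header a 30x response returned.
# None marks a terminal 200 response.
SAMPLE_REDIRECTS = {
    "https://pixel.approved-vendor.test/p?cid=123":
        "https://cdn.approved-vendor.test/hop?cid=123",
    "https://cdn.approved-vendor.test/hop?cid=123":
        "https://track.unlisted-partner.test/t?cid=123&ref=bank",
    "https://track.unlisted-partner.test/t?cid=123&ref=bank": None,
}

# Constructed CSP: only the approved vendor is allowlisted for images.
CSP_HEADER = ("default-src 'self'; "
              "img-src 'self' https://pixel.approved-vendor.test https://*.approved-vendor.test; "
              "connect-src 'self'")


def csp_hosts(csp, directive):
    """Return the host patterns listed under one CSP directive, scheme stripped.
    Keyword sources such as 'self' are ignored."""
    for part in csp.split(";"):
        tokens = part.split()
        if tokens and tokens[0] == directive:
            hosts = []
            for tok in tokens[1:]:
                if tok.startswith("'"):
                    continue
                if "://" in tok:
                    tok = tok.split("://", 1)[1]
                hosts.append(tok.split("/")[0])
            return hosts
    return []


def host_matches(host, pattern):
    """CSP-style host matching: exact host, or '*.' wildcard covering
    subdomains only (the bare apex is not matched by the wildcard)."""
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])
    return host == pattern


def follow_chain(start, redirects, max_hops=10):
    """Walk the redirect map from start and return every URL visited in order.
    Raises if the chain loops or exceeds max_hops."""
    chain = [start]
    url = start
    while len(chain) <= max_hops:
        nxt = redirects.get(url)
        if nxt is None:
            return chain
        chain.append(nxt)
        url = nxt
    raise RuntimeError("redirect loop or chain longer than %d hops" % max_hops)


def audit_pixel(start, redirects, csp, directive="img-src"):
    """Return one finding per hop whose host is not covered by the directive.
    Checking the first request alone would report nothing here; the violation
    only appears on the final hop."""
    allowed = csp_hosts(csp, directive)
    findings = []
    for hop, url in enumerate(follow_chain(start, redirects)):
        host = urlparse(url).hostname
        if not any(host_matches(host, p) for p in allowed):
            findings.append({"hop": hop, "url": url, "host": host})
    return findings


if __name__ == "__main__":
    for f in audit_pixel("https://pixel.approved-vendor.test/p?cid=123",
                         SAMPLE_REDIRECTS, CSP_HEADER):
        print("hop %d leaves the allowlist: %s" % (f["hop"], f["url"]))
```

Run against the sample data, the first two hops stay inside the approved vendor's domain and pass; only the third hop, to the unlisted host, is reported. Feeding the function observed redirect chains from a proxy or HAR capture turns it into a recurring control that catches a vendor changing its redirect target after the allowlist was approved.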
MITRE ATT&CK Techniques: None mentioned
IOCs Mentioned: None mentioned