How I Discovered 74,000 Exposed Profiles: Inside the Mood Indigo Security Disaster

TLDR: The Mood Indigo website had critical security flaws, including unsecured user profile updates, client-side OTP verification, token misuse granting access with just an email, and an exposed database of 74k+ users accessible via a public link. De...