All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
Bluesky
Twitter
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Security researcher gains access to FIFA World Cup 2026 live camera feeds through public agent platform vulnerability

By

BobDaHacker

5h ago· 10 min readenInsight
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

Slow-proofed and worth the wait. Worth its weight in flour.

Score100TypeanalysisSentimentnegative

Summary

A security researcher discovered a critical vulnerability in FIFA's public Agent Platform where anyone could register, gain access to the Football Data Platform's Streaming Management panel, and obtain RTMP ingest URLs and stream keys for every live FIFA World Cup 2026 camera feed. The researcher spent hours contacting FIFA, MediaKind, HBS, CISA, and the FBI at 3am Tokyo time to report the issue before it was silently fixed without acknowledgment.

Key quotes

· 4 pulled
They fixed it without ever responding to me.
I had to call FIFA, MediaKind, HBS, CISA, and the FBI at 3am Tokyo time just to get someone to listen.
What I didn't expect was what happened next.
When you register on agents.fifa.org, FIFA adds your account to their Microsoft Entra tenant (formerly Azure AD).
Snippet from the RSS feed
How I found that anyone could register on FIFA's public Agent Platform, gain access to the Football Data Platform's Streaming Management panel, and get RTMP ingest URLs and stream keys for every live FIFA World Cup 2026 camera feed. I then spent hours cal

You might also wanna read

Security Researcher Discovers Critical Data Vulnerability in Sports Insurer Portal, Faces Legal Threats Instead of Cooperation

A diving instructor and platform engineer discovers a critical security vulnerability in a sports insurer's portal during a dive trip, expos

dixken.de·3mo ago

US Requires Work Visas for Foreign Influencers Monetizing Content at 2026 World Cup

The US Customs and Border Protection and Department of Homeland Security have announced that foreign influencers covering the 2026 FIFA Worl

Wired·3d ago

2026 FIFA World Cup: How to Watch and Livestream Matches Online

The 2026 FIFA World Cup, hosted across North America (USA, Canada, Mexico) in 16 cities, runs from June 11 to July 19, 2026. This article pr

Variety·4d ago

2026 FIFA World Cup: How to Watch, Format Changes, and Streaming Guide

The 2026 FIFA World Cup features an expanded format with 48 nations competing across 104 matches in 16 cities, hosted jointly by three count

Rolling Stone·5d ago

How to watch the 2026 FIFA World Cup on Prime Video

The article explains how Prime Video subscribers can watch the 2026 FIFA World Cup. It notes that while the tournament's streaming situation

nypost.com·4d ago

Security Researcher Discovers Critical Vulnerabilities in Tata Motors' Public Websites

A security researcher details their discovery of multiple critical vulnerabilities in Tata Motors' public websites that exposed sensitive in

eaton-works.com·7mo ago