An Australian teenager who found a security flaw in an Australian public transport authority's website has found another serious vulnerability, this time in the site of global payments provider PayPal. The flaw, uncovered by 17-year-old Melbourne schoolboy Joshua Rogers, allowed hackers to bypass the payment provider's two-factor authentication system

http://www.smh.com.au/it-pro/security-it/australian-teen-uncovers-security-flaw-in-paypal-20140815-1044cx.html