Twitter bug gives 3rd-party apps access to users Direct Messages

A Twitter bug allowed third-party applications to access Direct Messages of users who signed in to the apps by using their Twitter account, reported IOActive researcher Cesar Cerrudo. He discovered the flaw while testing a web application that was still under development, but which allowed users to sign in by using Facebook or Twitter accounts. Twitter took its security team less than 24 hours to fix the bug, but warns users to revoke apps to which they never gave permission to access their DMs. The bug was fixed within 24 hours, but Twitter hasn t appraised its users of the matter.


Previous Post

Twitter adds support for login verification with USB security key

Next Post

Twitter CEO Hack Highlights Dangers of ‘SIM Swap’ Fraud

Related Posts