22 matches found
CVE-2024-51716
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus Twitter real time search scrolling twitter-real-time-search-scrolling allows Reflected XSS. This issue affects Twitter real time search scrolling: from n/a through = 7.0...
HL Twitter <= 2014.1.18 - Settings Update via CSRF
Description: The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. Have a logged in admin open an HTML page containing:...
Twitter security under scrutiny after former executive turns whistleblower
A former Twitter executive has acted as a whistleblower and alleged some serious problems. Provided these accusations are true, the disclosure shows a side of Twitter that poses a threat to its own users' personal information, to company shareholders, to national security, and to democracy...
Watch out for Ukraine donation scammers in Twitter replies
The invasion of Ukraine has been a money making opportunity for scammers since the moment it began: Fake donation sites, bogus Red Cross portals, phishing pages, the works. These scams can also be found on social media. Faking donations on Twitter Some users of social media have become very...
VideoBytes: Twitter gets hacked!
Hello dear readers, and welcome to the latest and greatest from VideoBytes: a brand new video feature that we announced just yesterday. On our debut post today, we're talking to you about the Twitter hack, in which hackers accessed the Twitter accounts of 130 high profile figures, like Barack...
Twitter Hack Update: What We Know (and What We Don't)
UPDATED 7/18 at 12:50 p.m. ET Earlier this week, Twitter locked down thousands of verified accounts, including the accounts of Joe Biden, Bill Gates, Elon Musk, Apple, Uber and others, after it became clear that hackers had been able to compromise them. The tip-off? Suddenly these high-profile...
A week in security (February 17 – 23)
Last week on Malwarebytes Labs, we highlighted the benefits and concerns of identity-as-a-service (IDaaS), an identity management scheme deployed from the cloud; reported on scammers and squatters taking advantage of Rudy Giuliani’s Twitter typos; and gave a high-level overview of RobbinHood, the...
Rudy Giuliani’s Twitter mishaps invite typosquatters and scammers
Former cybersecurity czar Rudy Giuliani has been targeted by typosquatters on Twitter, thanks to copious misspellings and other keyboarding errors made in a number of his public tweets. In a tweet sent out on Sunday, Giuliani meant to send his 650,000-plus followers to his new website,...
X (Formerly Twitter): iOS app crashed by specially crafted direct message reactions
Summary: iOS app crashed by specially crafted direct message reactions Description: Twitter does not properly sanitize direct message reactions, making it possible for arbitrary reaction text to be shown to the user via the message preview in the direct message list. Special characters such as \r...
Amitabh Bachchan’s Twitter hacked with photo of Pakistani PM Imran Khan
By Uzair Amir. Turkish hackers left a message protesting against Ireland on a Twitter account owned by an Indian actor. The official Twitter account of Bollywood's legend Amitabh Bachchan has apparently been hacked by a Turkish hacking group calling itself "Ayyildiz Tim." The verified Twitter account wi...
How To Check If Your Twitter Account Has Been Hacked
Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened? Twitter now lets you know this. After Google and Facebook, Twitter now lets you see all the devices—laptop, phone, tablet, and otherwise—logged into your Twitter account. Twitter h...
A bug stored Twitter passwords in plain text so change your password
By Carolina. Twitter, the social network, and online news giant is sending notifications. This is a post from HackRead.com. Read the original post: A bug stored Twitter passwords in plain text so change your password...
Charlie Miller to Leave Twitter Security Team
Charlie Miller, one of the more respected and accomplished security researchers in the industry, is leaving Twitter’s security team after three years. Miller said on Monday that he is leaving the company at the end of this week and that he plans to announce his new job next week. Miller joined...
X (Formerly Twitter): Privacy Issue on protected tweets
Hello Twitter Security Team, Problem: Here is a privacy issue that breaks your privacy for protected tweets. Details: I have two accounts on Twitter, @dia2diab and @Dia2diabTest, from the first one I changed the settings of Tweet privacy to be "Protect my Tweets" and now if you access one of my...
For the recent Bosch global eye OAuth vulnerability analysis and preventive recommendations-vulnerability warning-the black bar safety net
According to CNET reports, Wang Jing, a PhD student at Nanyang Technological University in Singapore, found the “covert redirect” vulnerability (Covert Redirect) in the OAuth and OpenID open source login tools. The first point to make clear is that the vulnerability is not present in the OAut...
Twitter Implements Perfect Forward Secrecy
Twitter took another step toward not only securing the privacy of its users’ communication over the social network, but in warding off the prying eyes of government surveillance with the implementation of Perfect Forward Secrecy. The technology thwarts the efforts of anyone who may be collecting...
Two-Factor Authentication Won't Stop Twitter Compromises
The hijacking of high-profile Twitter accounts belonging to the Associated Press and Guardian UK newspaper brings to light numerous security shortcomings, namely the susceptibility users still have when it comes to phishing attacks, their propensity to use weak passwords, and the inability to...
Researcher Charlie Miller Joins Twitter Security Team
Twitter quietly is assembling a serious security team, with the most recent addition being Charlie Miller, the security researcher known for finding a long line of bugs in the iPhone and other Apple products. Miller, a respected and prolific researcher, will join the social network’s security tea...
New FireSheep-Style Tool Hijacks Twitter Sessions
Days after researchers at the ToorCon Security Conference in San Diego released a tool to hijack insecure Web sessions on Facebook, iGoogle and Flickr, a developer has released a similar tool, dubbed “Idiocy” that does the same for insecure Twitter sessions. There’s a twist, though. Rather than...
After Twitter Hack, NY Times Debates Social Network Security
In the wake of a high profile though harmless cross site scripting attack launched from Twitter.com’s Web site, the New York Times is sponsoring a debate about the security of online social networks that offers some harsh criticism of the micro blogging site. The Gray Lady pulled together top nam...