Techly NewsGet the app

Get the latest tech news

Twitter alternative spouts a massive leak


Hackers could easily hijack someone’s account.

Security consultant and Have I Been Pwned creator Troy Hunt has detailed a vulnerability in the API of Spoutible, a social platform that emerged following Elon Musk’s takeover of Twitter, that could allow hackers to take full control of users’ accounts. After someone alerted Hunt to the vulnerability, he discovered that hackers could exploit Spoutible’s API to obtain a user’s name, username, and bio, along with their email, IP address, and phone number. And, to top it all off, Hunt found that the API returned the 2FA code used to sign in to someone’s account, as well as the reset tokens generated to help a user change a forgotten password.

Get the Android app

Or read this on The Verge

Read more on:

Photo of Twitter alternative

Twitter alternative

Photo of Massive leak

Massive leak

Related news:

News photo

Massive leak exposes 26 billion records in mother of all breaches | It includes data from Twitter, Dropbox, and LinkedIn

News photo

Insomniac says it’s ‘saddened and angered’ by massive leak of 1.3 million files

News photo

Twitter Alternative Pebble, Previously Known As T2, Is Shutting Down

« Google search loses one of its oldest features - here's why you'll miss cached links
Amazon Discounts 2nd Gen Apple Watch SE to Just $189 »