Internet Security

A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise. The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter…


A popular WordPressplugin, installed on thousands of websites to help users share content on social media sites, left linked Twitteraccounts exposed to compromise.

The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter handle and the access tokens. These access tokens keep you logged in to the website on your phone and your computer without having to re-type your password every time or entering your two-factor authentication code.

But if stolen, most sites can’t differentiate between a token used by the account owner or a hacker who stole the token.

Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, found the vulnerability and shared details with TechCrunch. He later tweeted details of the bug on Thursday.

In order to test the bug, Robert found 539

Read More

Be the first to write a comment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Internet Security

Kiambu CCTV captures 2 young men’s suspicious activity in apartment: “Who knows them?”

CCTV footage captured two young men attempting a daytime break-in in Ndumberi, sparking social media reactions amid rising insecurity and calls for vigilance…

CCTV footage captured two young men attempting a daytime break-in in Ndumberi, sparking social media reactions amid rising insecurity and calls for vigilance…
Read More

Continue Reading
Internet Security

Oyo Police debunk terrorist infiltration claims in Ogbomoso, dismiss viral video as fake

Oyo State Police Command has dismissed as false and misleading reports circulating on social media alleging that suspected Lukarawa terrorists have infiltrated forests around Ogbomoso and the Old Oyo National Park. The Command, in a statement issued on Wednesday by its spokesperson, DSP Ayanlade Olayinka, said intelligence reports and security The post Oyo Police debunk

Oyo State Police Command has dismissed as false and misleading reports circulating on social media alleging that suspected Lukarawa terrorists have infiltrated forests around Ogbomoso and the Old Oyo National Park. The Command, in a statement issued on Wednesday by its spokesperson, DSP Ayanlade Olayinka, said intelligence reports and security
The post Oyo Police debunk terrorist infiltration claims in Ogbomoso…
Read More

Continue Reading
Internet Security

Brian Armstrong Pledges Personal Oversight to Future-Proof Bitcoin Against Quantum Threats

Coinbase CEO Armstrong Takes Personal Lead on Bitcoin Quantum Security The post Brian Armstrong Pledges Personal Oversight to Future-Proof Bitcoin Against Quantum Threats appeared first on Cryptonews…

Coinbase CEO Armstrong Takes Personal Lead on Bitcoin Quantum Security
The post Brian Armstrong Pledges Personal Oversight to Future-Proof Bitcoin Against Quantum Threats appeared first on Cryptonews…
Read More

Continue Reading
Internet Security

Margex Review (2026): Features, Fees, Security, Pros and Cons

If you’re exploring ways to trade cryptocurrency derivatives, choosing the right platform based on your needs can make all the difference. Margex is a crypto derivatives exchange founded in 2020 The post Margex Review (2026): Features, Fees, Security, Pros and Cons appeared first on NFT Evening…

If you’re exploring ways to trade cryptocurrency derivatives, choosing the right platform based on your needs can make all the difference. Margex is a crypto derivatives exchange founded in 2020
The post Margex Review (2026): Features, Fees, Security, Pros and Cons appeared first on NFT Evening…
Read More

Continue Reading