The safety of signing into third-party applications using Twitter credentials has been called into question, after a researcher discovered that an application bypassed the social network’s security to access restricted information from his account.
Cesar Cerrudo of IOActive Labs claims his direct messages on Twitter were exposed by a web application he was experimenting with, even though his privacy settings should have prevented access.
With more and more third-party services offering us to sign in using our social network details, the usually sceptical Cerrudo says he would not have used his Twitter login data if the application hadn’t assured him that it would access only public posts and follower information, and not his direct messages.
Read more: http://www.itproportal.com/2013/01/23/third-party-apps-bypass-twitter-security-access-private-data/
Discord confirms a data breach via a third-party vendor...
UK fines LastPass over 2022 data breach impacting 1.6 million users
New EDDIESTEALER Malware Bypasses Chrome's App-Bound Encryption to Steal Browser Data