Security News

Update 5/1/23: Title updated to reflect this bug only allowed the user to see their legacy check. A silly Twitter bug allowed previously-verified accounts to add their legacy 'Blue Check' back to their profile for free.

A silly Twitter bug allowed previously-verified accounts to add their legacy 'Blue Check' back to their profile for free. On April 20th, Twitter finally removed the legacy verified check marks from accounts worldwide that were used to demonstrate the authenticity of accounts belonging to businesses, celebrities, politicians, activists, and journalists.

A silly Twitter bug allows previously-verified accounts to add their legacy 'Blue Check' back to their profile for free. On April 20th, Twitter finally removed the legacy verified check marks from accounts worldwide that were used to demonstrate the authenticity of accounts belonging to businesses, celebrities, politicians, activists, and journalists.

KuCoin's Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over $22.6K in cryptocurrency. While the account was hacked for only 45 minutes, the crypto exchange says it was enough time for its followers to send 22 Bitcoin and Ethereum transactions, allowing the hackers to steal $22,600.

As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing ts own free digital ID technology to companies and their employees on LinkedIn. Verified ID is a managed identify verification service that is part of Microsoft's Entra product portfolio, an umbrella unit created last year that covers all of the vendor's identity and access capabilities.

The issue was discovered by Federico Andres Lois while reviewing the tweet recommendation engine that's said to power Twitter's For You timeline. According to Lois's study of the engine bug he found, coordinated efforts to unfollow, mute, block and/or report a targeted user applies global reputation penalties to the account that are practically impossible to overcome based on how Twitter's recommendation algorithm treats negative actions.

Twitter announced on Friday that it's open-sourcing the code behind the recommendation algorithm the platform uses to select the contents of the users' For You timeline. "Today's release also does not include the code that powers our ad recommendations. We also took additional steps to ensure that user safety and privacy would be protected, including our decision not to release training data or model weights associated with the Twitter algorithm at this point."

Twitter has taken down internal source code for its platform and tools that was leaked on GitHub for months.On Friday, GitHub complied with a DMCA infringement notice issued by Twitter because the leak exposed proprietary source code and internal tools, which could pose a security risk to Twitter.

A convincing Twitter scam is targeting bank customers by abusing the quote-tweet feature, as observed by BleepingComputer. Users tagging Twitter accounts of their banks in their tweets-for example, when raising complaints about an issue, should watch out for responses from non-verified Twitter accounts that may closely be impersonating the bank's support staff and instead be a scam.

Twitter users are experiencing issues worldwide when trying to log in or log out and when attempting to share their tweets, click links, embed tweets, and see images. Thousands of Twitter users have already reported having issues with the Twitter website, the app, and when trying to connect to Twitter servers, according to DownDetector.