Bleeping Computer

Hackers abused API to verify millions of Authy MFA phone numbers

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS ...
Bleeping Computer

Unsecured API Leads to 'Yelp for Conservatives' App Data Leak

French security researcher Robert Baptiste found the API of the 63Red Safe mobile application known as "Yelp for conservatives" wide open, with no authentication needed to access and view the data ...