Vulnerability Management, Threat Management

Developer warns of potential vulnerability in revealed Twitter source code

A security researcher from Argentina has published a post on GitHub claiming that the portion of Twitter's source code recently released by the company reveals a vulnerability that allows malicious actors to manipulate the software and silence certain accounts on the platform, reports CyberScoop. In the post on the software hosting service, the developer described the flaw as allowing for "coordinated hurting of account reputation without recourse." In response, the nonprofit Mitre Corporation assigned a Common Vulnerabilities and Exposures (CVE) designation to the portions of Twitter's code that allow attackers to reduce their targets' exposure on the social media platform. The CVE states that the current recommendation algorithm employed by Twitter "allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023."
