430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Twitter confirmed that a security incident publicly exposed Circle tweets

A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted. Since August 2022, the Twitter Circle feature allows users to send tweets to a restricted circle of users, these messages are not visible to Twitter users outside the Circle. As reported by […]

Twitter Elon Musk

A Twitter page is displayed on a laptop computer in Los Angeles October 13, 2009. Hollywood is increasingly relying on Twitter and Facebook to gauge popular buzz on movies even before they come out, in a move reflecting the power of average filmgoers over once-mighty film critics and detailed surveys. Picture taken October 13. REUTERS/Mario […]

A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted.

Since August 2022, the Twitter Circle feature allows users to send tweets to a restricted circle of users, these messages are not visible to Twitter users outside the Circle.

As reported by BleepingComputer, around April 7, some Twitter users noticed the issue. The Guardian reported that for weeks users had been reporting Circles tweets receiving likes and views from users outside the circle.

The social network giant confirmed the problem, it started notifying the impacted users.

“We’re contacting you because your Twitter account may have been potentially impacted by a security incident that occurred earlier this year (April 2023)”, reads a security incident notification sent by Twitter to the impacted users. “In April 2023, a security incident may have allowed users outside of your Twitter Circle to see tweets that should have otherwise been limited to the Circle to which you were posting. This issue was identified by our security team and immediately fixed so that these tweets were no longer visible outside of your Circle.”

“We’ve conducted a thorough investigation to understand how this occurred and have addressed this issue. Twitter is committed to protecting the privacy of the people who use our service, and we understand the risks that an incident like this can introduce and we deeply regret this happened.”

The company did not provide details about the security incident.

Since Elon Musk took ownership of the company, a large portion of its staff left the company and at the same time, the platform introduced multiple changes to its code.

We are in the final!

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini

Please nominate Security Affairs as your favorite blog.

Nominate Pierluigi Paganini and Security Affairs here here: https://docs.google.com/forms/d/e/1FAIpQLSepvnj8b7QzMdLh7vWEDQDqohjBUsHyn3x3xRdYGCetwVy2DA/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, privacy)