Hackers abused API to verify millions of Authy MFA phone numbers
3 juillet 2024 à 18:43
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. [...]