Bleeping Computer

Hackers abused API to verify millions of Authy MFA phone numbers

Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS ...
Bleeping Computer

Over 400,000 Life360 user phone numbers leaked via unsecured API

A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. Known only by their 'emo' handle, they said the ...
heise online

MFA app Authy: Countless phone numbers tapped via unsecured API

Twilio has reported that attackers have accessed data from Authy accounts. This is said to include the phone numbers of those affected. The attackers, who appear online as ShinyHunters, have ...