Hacker News new | ask | show | jobs
by rvnx 711 days ago
> Twilio has detected that threat actors were able to identify data associated with Authy accounts, including phone numbers, due to an unauthenticated endpoint

Isn’t it what you are describing?
1 comments
darkr 711 days ago
Based on the reports that I’ve read so far, this vuln was different to the one I found, which was on an authenticated endpoint.

Definitely some similarities though, I’d love to see some concrete technical information on it.

link