Cloudflare have been leaking customer HTTPS sessions for months. Uber, 1Password, FitBit, OKCupid, etc. https://bugs.chromium.org/p/project-zero/issues/detail?id=1139 …
-
-
this contradicts the avelanche of statements from
@1Password in response to this issue. -
Unless "api data" is not included by
@1Password in the "secrets" that they say were not exposed, yeah? - 3 more replies
New conversation -
-
-
The API isn't security critical. I provide API pubs and UUIDs to BC pentesters. No breaches, even with $25K bounty.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
didn't they just refute this? What's true?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
what about lastpass?!
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Can you elaborate on what api data?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.