Twitter bug may have exposed API keys, access tokens
A bug could have exposed their API keys and access tokens in their browser’s cache. Luckily, the problem was fixed before any leaks. According to the twitter, if the person using a public computer to view developer app keys and token on developer.twitter.com, they may have been store temporarily in the browser’s cache on the computer. That information has the potential of being misused by accessing the keys and tokens. With more and more organizations and businesses relying on the API, this makes API a lucrative target for hackers. Leaked keys and token can make their way to the dark and possess a threat of being used in the automated attacks against API endpoints. Twitter notified that they changed their caching instructions that the site sends developer’s browsers. Twitter also stopped storing information about the apps or accounts and fixed the leak.
Leave a Reply
You must be logged in to post a comment.