Advanced Phishing Attacks Put X Accounts at Risk
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter)
Twitter is a social media platform whose accounts, APIs, and integrations can expose users to account takeover, data leaks, and abuse.
Search across headline titles and summaries.
Background for this topic.
Twitter is a public social-media platform, now operated under the X name, where users post short messages, share media, and communicate through replies and direct messages. Its security relevance comes from the volume and speed of public content, account relationships, and links exchanged there. Researchers also use it for threat intelligence, while attackers may exploit public trust and impersonation to distribute phishing pages, malware, or fraudulent information.
Material risks include account takeover through stolen credentials, session theft, or compromised third-party applications; abuse of APIs and OAuth permissions; and exposure of personal data in posts, metadata, or private communications. Security teams should verify accounts and links rather than treating platform identity as proof, restrict and review application access, protect administrator accounts with phishing-resistant multifactor authentication where available, and preserve relevant posts or messages during investigations because content and account ownership can change.
Weekly headline count for the current query.
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter)
The Irish data protection watchdog accuses X Corp’s European subsidiary of breaching GDPR with Grok AI training
X (formerly Twitter) has announced that passkeys are available as a login option for US-based users on iOS following a spate of high-profile account hijacks
A new court filing from the US Department of Justice suggests the billionaire “may have jeopardized data privacy and security” at Twitter, now known as X
Social media reports suggest an individual allegedly dumped approximately 500GB of animation files
Growing number of Twitter users voice disquiet
Joseph O'Connor hijacked over 100 accounts in bitcoin scam
Pink Drainer group has targeted hundreds of victims so far
O'Connor faces charges of computer intrusion, extortion, stalking, wire fraud and money laundering
UK's security agency warns against letting protection lapse
Social media firm claims its systems were not compromised
The leaked data included names, usernames, email addresses, follower counts and creation dates
Insider was bribed by the Middle East kingdom
No passwords were reportedly exposed, but Twitter prompted users to enable 2FA to protect accounts
The E2EE feature was first spotted by mobile researcher Jane Manchun Wong earlier this month
The breach affected any account with the "Let others find you by your phone" option enabled
The operation relied on many internet services, including Telegram, Twitter, YouTube and others
Complaints about poor customer service flood Twitter
They left quoting concerns about the rollout of new features without an FTC consent decree
Elon Musk’s arrival has opened the door for fraudsters