Security news aggregator

Latest coverage for Twitter

Twitter is a social media platform whose accounts, APIs, and integrations can expose users to account takeover, data leaks, and abuse.

235 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Twitter is a public social-media platform, now operated under the X name, where users post short messages, share media, and communicate through replies and direct messages. Its security relevance comes from the volume and speed of public content, account relationships, and links exchanged there. Researchers also use it for threat intelligence, while attackers may exploit public trust and impersonation to distribute phishing pages, malware, or fraudulent information.

Material risks include account takeover through stolen credentials, session theft, or compromised third-party applications; abuse of APIs and OAuth permissions; and exposure of personal data in posts, metadata, or private communications. Security teams should verify accounts and links rather than treating platform identity as proof, restrict and review application access, protect administrator accounts with phishing-resistant multifactor authentication where available, and preserve relevant posts or messages during investigations because content and account ownership can change.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 235
Bank Info Security 7 months, 4 weeks ago

Cryptohack Roundup: Samourai Execs, Crypto CEO Sentenced

Also: Obama Twitter Hacker Ordered to Forfeit $5.3 MillionEvery week, ISMG rounds up cybersecurity incidents in digital assets. This week, Samourai Wallet founders and Oklahoma Crypto CEO sentenced, Obama Twitter hacker ordered to forfeit funds, Chicago crypto ATM CEO charged and White House is reviewing a rule expanding IRS crypto oversight.

Civil recovery order targets PlugwalkJoe's illicit gains while he serves US sentence British prosecutors have secured a civil recovery order to seize crypto assets worth £4.11 million ($5.39 million) from Twitter hacker Joseph James O'Connor, clawing back the proceeds of a scam that used hijacked celebrity accounts to solicit digital currency and threaten high-profile individuals.…

Krebs on Security 10 months, 4 weeks ago

Oregon Man Charged in ‘Rapper Bot’ DDoS Service

A 22-year-old Oregon man has been arrested on suspicion of operating "Rapper Bot," a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets -- including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online extortionists, and tried to stay off the radar of law enforcement by ensuring that their botnet was never pointed at KrebsOnSecurity.

In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. But more than a month later, the accused continues to openly operate accounts at a slew of American tech companies, including Facebook, Github, LinkedIn, PayPal and Twitter/X.

Krebs on Security 1 year, 2 months ago

xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs

A employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk's companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned.

Bank Info Security 1 year, 4 months ago

X Social Media Platform Hit by Apparent DDoS

'Dark Storm Team" Takes Responsibility for 4 Major Outages on MondayRepeated outages Monday on social media platform X - formerly Twitter - are the result of a distributed denial of service attack, asserted platform owner Elon Musk in a sporadically available tweet. The social media platform experienced four significant outages.

Krebs on Security 1 year, 4 months ago

Who is the DOGE and X Technician Branden Spikes?

At 49, Branden Spikes isn't just one of the oldest technologists who has been involved in Elon Musk's Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk's most loyal employees. Here's a closer look at this trusted Musk lieutenant, whose Russian ex-wife was once married to Elon's cousin.

Bank Info Security 1 year, 5 months ago

Elon Musk's AI Firm Releases Reasoning Model Grok 3

Grok 3 Aims to Close Gap With GPT-4o, Gemini, Touting 'Truth-Seeking' AIElon Musk-owned artificial intelligence company xAI released a new model late Monday night, its answer to OpenAI's GPT-4o and Google Gemini. The "Grok 3" model can analyze images and respond to questions like its counterparts, and powers features on Musk's social network X, formerly Twitter.

Bank Info Security 1 year, 5 months ago

Altman Rejects Musk's $97.4B Offer for OpenAI

Offer Comes Amid Legal Battle Between the Former OpenAI Co-FoundersElon Musk has reportedly offered to buy OpenAI's operating assets for $97.4 billion, escalating his legal and business battle with the artificial intelligence company's CEO Sam Altman. Altman dismissed the offer and said he will buy Twitter for $9.74 billion - if Musk is interested.

Krebs on Security 2 years, 3 months ago

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

On April 9, Twitter/X began automatically modifying links that mention "twitter.com" to redirect to "x.com" instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links -- such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets.

Loading more headlines...