Mastodon vulnerability allows attackers to take over accounts

February 3, 2024 at 11:21AM

Mastodon, a decentralized social networking platform, has resolved a critical vulnerability, CVE-2024-23832, allowing account impersonation and takeover. The flaw affects earlier versions and is rated 9.4 in CVSS v3.1. Server admins are urged to update to version 4.2.5 to protect users by mid-February. The impact on user security and platform …

Critical vulnerability in Mastodon is pounced upon by fast-acting admins

February 2, 2024 at 01:37PM

A critical vulnerability in Mastodon, a decentralized social network, can be exploited by attackers to take over user accounts remotely. An urgent upgrade is needed for versions prior to 3.5.17 and 4.0.x/4.1.x/4.2.x releases. The platform’s decentralized nature poses unique security management challenges, but a fast patch response has been observed. …