Twilio kills off Authy for desktop, forcibly logs out all users

August 1, 2024 at 05:15PM Twilio has discontinued its Authy for Desktop app, prompting a mandatory logout for users. After reviewing the meeting notes, it’s clear that Twilio has made the decision to discontinue its Authy for Desktop application, resulting in a forced logout of users from the desktop application. This decision will likely impact … Read more

Organizations Warned of Exploited Twilio Authy Vulnerability

July 24, 2024 at 10:42AM CISA added a recent Twilio Authy bug, tracked as CVE-2024-39891, to its Known Exploited Vulnerabilities catalog due to an information disclosure issue. Twilio warned of the vulnerability and urged users to update to versions 25.1.0 for Android and 26.1.0 for iOS. No Twilio systems were compromised, and CISA urged vulnerable … Read more

Twilio’s Authy App Breach Exposes Millions of Phone Numbers

July 3, 2024 at 11:51PM Twilio, a cloud communications provider, disclosed a mobile security breach in the Authy 2FA app. Threat actors exploited an unauthenticated endpoint to access user data, prompting the company to secure the endpoint. Although no direct system breach was proven, Twilio urged users to upgrade their apps due to possible phishing … Read more

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

March 21, 2024 at 09:48AM Cybersecurity researchers have uncovered AndroxGh0st, a tool used to target and steal sensitive data from Laravel applications. The tool exploits various vulnerabilities, such as CVE-2017-9841, to access and control targeted systems. As cloud environments are increasingly targeted, it’s crucial to keep software updated and monitor for suspicious activity. Krebs on … Read more