A Lovense security flaw may be letting people take over accounts without a password

3 months ago 5

Sex toy company Lovense is leaking the email addresses of its app users and allowing account takeovers without asking for a password, according to a security researcher. As reported by TechCrunch, BobDaHacker, who describes themself as an ethical hacker committed to exposing and reporting security vulnerabilities, published an extensive report in which they accuse Lovense of failing to fix a serious bug it was first made aware of in 2023.

According to the hacker (and later verified by TechCrunch), Lovense allows any username to be turned into their email address with the right know-how, a flaw they initially discovered after muting someone on the app. With their access to Lovense’s API, they were able to obtain the emails associat...

Source: https://www.engadget.com/cybersecurity/a-lovense-security-flaw-may-be-letting-people-take-over-accounts-without-a-password-160528730.html?src=rss

Read Entire Article

Disclaimer of liability !!!

NEWS.SP1.RO is an automatic news aggregator. In each article, taken over by NEWS.SP1.RO with maximum 500 characters from the original article, the source name and hyperlink to the source are specified.

The acquisition of information aims to promote and facilitate access to information, in compliance with intellectual property rights, in accordance with the terms and conditions of the source.

If you are the owner of the content and do not wish to publish your materials, please contact us by email at [email protected] and the content will be deleted as soon as possible.