Hackers abused API to verify millions of Authy MFA phone numbers
Hackers abused API to verify millions of Authy MFA phone numbers
04 July 2024
Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.