
Twitter source code leaked on GitHub has been removed

By Megan Crouse for TechRepublic
Wednesday, March 29, 2023

Twitter’s job cuts could open the social media giant up to cybersecurity threats. Depending on what the leaked code contains, it’s an inside look into Twitter’s underpinnings. The main worries here are that hackers could discover vulnerabilities in the source code, giving them the power to find out private information about Twitter users or take the site down from the inside.

“The alleged security incident will unlikely have any major impact on Twitter and its users, unless some critical parts of the code were actually exposed and misappropriated by cyber threat actors,” said Ilia Kolochenko, founder of ImmuniWeb and a member of Europol Data Protection Experts Network. “For instance, source code of business-critical APIs, which allow vetted third parties to remotely access sensitive data of Twitter users, can possibly expose critical security vulnerabilities that are undetectable from the outside.”

Twitter’s rewards vs. cybersecurity risks

Twitter is still one of the best options for social media, especially for communicating with other professionals in a space less formal than LinkedIn. The way Twitter shed employees under Musk’s management isn’t a great sign, though, as laid-off engineers could reveal hidden vulnerabilities afterward. Twitter is likely to feel the effects of the downsizing more as time goes on and downstream problems crop up.

However, Kolochenko said the timing means it’s likely this particular leak won’t be the one to kick the legs out from under Twitter.

“The source code was probably not that sensitive if Twitter allegedly requested the removal only after several months [when] the code had been publicly accessible,” Kolochenko said. “Companies like Twitter usually have multiple solutions to continually monitor accidental or malicious exposure of sensitive data on GitHub and other code repositories, so they likely spotted the leak on the very same day when the code had become public.”

