Hive Social, one of the micro-blogging platforms that gained popularity after that Elon Musk’s takeover of Twitterwent offline while it fixed a number of major security issues.
In the days following Elon Musk’s acquisition of Twitter, many users have fled to alternative micro-blogging platforms, such as mastodon and Hive, amassing millions of new users practically overnight. But with the increase in popularity has also come increased scrutiny.
German research group Zerforschung recently discovered a number of severe vulnerabilities in Hive, which would allow threat actors to cause massive damage to the platform: they would be able to access all data, including posts, private messages, shared media, and even deleted direct messages. Furthermore, the email addresses and phone numbers used identification (Opens in a new tab) Verification is also accessible.
appearing to the community
In a blog post published earlier this week, the group said it notified Hive of its findings in private, and soon after received confirmation that the issues had been resolved.
However, due to a serious misunderstanding, Hive was still working on a fix when Zerforschung announced its findings, urging users to stay away from Hive and use a different network.
In response, Hive shut down all of its operations completely, until the issues could be resolved. Since then, Hive has released one update, but more are expected soon.
Although researchers might recommend Mastodon instead, it’s fair to say that this platform has its share of problems as well. Last week, researchers discovered three separate flaws It can allow threat actors to tamper with stored data, and in some cases even download it.
When news of the flaws spread, security experts warned Mastodon users not to share data they wouldn’t be comfortable with everyone they knew.
Across: Techcrunch (Opens in a new tab)
