@voltronic @Render I'm watching my own tmeline and I'll change my password after the hack is resolved.
not gonna speak for CoSoSec...but if some rando insider has the ability to do this...that's bad RBAC...all entities managing "customer" (product?) data need to implement zero trust...no one person within twits should have the ability to post on behalf of any account...there's no valid reason for that level of access to exist...
@chakaal @Render
Yeah that's a good point. I changed my password anyway, but it may not matter if this admin tool works the way it seems to.
I can't believe that the way they engineered their network allows this to be possible.
#CoSoSec, what say you?