zerforschungWarning: Do not use Hive Social β οΈπ
We found multiple critical security vulnerabilities in the App, leaking private messages, posts, images and user data like phone numbers, emails and birthdates.
β οΈ Warning: do not use Hive Social πππ
Dieser Artikel ist auch auf deutsch erschienen. Update: The vulnerabilities are currently no longer exploitable because Hive deactivated their servers. More details Following the Twitter takeover, a number of services promising to be an alternative gained traction. One of those is βHive Socialβ, which reached more than a million users in the last weeks. Of course, we were interested and took a look at Hive from a security standpoint. We found a number of critical vulnerabilities, which we confidentially reported to the company. After multiple attempts to contact the company we finally reached them by phone and they acknowledged the report. After multiple days and multiple reminders by us, they claimed to fix them within the next two days. However after those two days, multiple vulnerabilities we reported were not fixed and still existed at the time of writing. β οΈ We strongly advise against using Hive in any form in the current state.
Johann | DiEM & MERA25
RDS (shawphd on Twitter)