Twitter Patches High Impact Account Tweeting FlawMay 23, 2017, 23:00 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
A basic premise of Twitter is that the user (@) is the one that is able to send a message for any given account. But that premise was challenged by a security bug that Twitter patched at the end of February, that was only publicly disclosed on May 22.
The bug was reported to Twitter by a security researcher that uses the alias 'Kedrisch' , by way of Twitter's bug bounty program which is run by Hackerone.