Dutch hacker arrested for trying to sell the personal information of nearly every Austrian citizen

Dutch authorities arrested a hacker for obtaining and trying to sell the personal information of nearly every Austrian citizen in May 2020, according to Reuters. It includes almost nine million data sets, roughly lining up with Austria’s population.The…

OnePlus teases its first tablet ahead of next month’s official reveal

A OnePlus tablet is on the way. A new official image of the upcoming OnePlus Pad surfaced, showing a “Halo Green” color and an unconventional camera placement. The tablet will reportedly launch alongside the OnePlus 11 5G and Buds Pro 2 at a February 7…

NY AG wants answers on Madison Square Garden’s use of facial recognition against legal opponents

New York Attorney General Letitia James has sent a letter to MSG Entertainment, the owner and operator of Madison Square Garden and Radio City Music Hall, asking for information about its use of facial recognition to deny entry to attorneys at firms re…

Twitter engineers can still use ‘GodMode’ to tweet as any account, claims whistleblower

Twitter has a new whistleblower, as another former employee has sounded the alarm about security issues, according toThe Washington Post. The new complainant, who has spoken with Congress and the Federal Trade Commission (FTC), says any Twitter engineer still has access to an internal program — formerly called “GodMode” — that lets them tweet from any account.

The whistleblower’s complaint alleges GodMode (now renamed to “privileged mode”) remains on the laptop of any engineer who wants it, requiring only a production computer and a simple code change from “FALSE” to “TRUE.” Screenshots of the code, included in an October complaint filed with the FTC, show a warning to anyone attempting to use it: “THINK BEFORE YOU DO THIS.”

This isn’t the first time Twitter security has drawn scrutiny. In 2020, teenage crypto scammers hacked the company’s internal systems, sending fake tweets from the accounts of President Joe Biden, Barack Obama, Musk and others. Twitter’s at-the-time executives said they had fixed the issue and launched a “comprehensive information security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of nonpublic consumer information.”

However, Twitter’s first whistleblower, Peiter Zatko, disputed that. Another engineer claimed at the time that GodMode was still widely available.

SAN FRANCISCO, CALIFORNIA - JANUARY 24: Tesla CEO Elon Musk leaves the Phillip Burton Federal Building on January 24, 2023 in San Francisco, California. Musk testified at a trial regarding a lawsuit that has investors suing Tesla and Musk over his August 2018 tweets saying he was taking Tesla private with funding that he had secured. The tweet was found to be false and cost shareholders billions of dollars when Tesla's stock price began to fluctuate wildly allegedly based on the tweet. (Photo by Justin Sullivan/Getty Images)
Justin Sullivan via Getty Images

The new complainant’s filing says the incident led to Twitter reopening the case, which sparked the discovery that engineers could also delete or restore anyone’s tweets. (Regular Twitter users can’t do either.) He also claims Twitter can’t log who, if anyone, uses or abuses any of the special privileges.

The new whistleblower’s complaint was filed by Whistleblower Aid, the same nonprofit firm representing Zatko. The FTC is reportedly interviewing former Twitter employees about the allegations.

GTA Online PC players hit with game-breaking exploit

A new exploit in the PC version of Grand Theft Auto Online is causing players to lose game progress and in-game currency, with some accounts becoming corrupted or banned. The exploit, a “remote code execution,” was distributed through the developer of the North Online GTA cheat mod.

The exploit can reportedly impact anyone, not just players in the same multiplayer lobby as the attacker, according toBleepingComputer. That means anyone currently online and playing the game on PC is at least theoretically vulnerable to attack. (Console players are unaffected.) Engadget reached out to Rockstar for comment, and we will update this article if we hear back.

The company tweeted this acknowledgment of the fiasco on Monday.

North’s developer removed the abusive elements on January 21st and apologized (their changelog read “bad judgement on my part for adding this public.”) Although GTA Online doesn’t block harmless community-created mods, those distributing cheats or other hacks tilting the game’s competitive balance may face real-world consequences. Rockstar and parent company Take-Two Interactive have previously taken legal action against cheat makers, including the creator of an infinite-money hack who was ordered to pay $150,000 plus attorney fees in 2019.

A workaround for corrupted accounts, which some players have claimed works, is to delete the “Rockstar Games” folder from the Windows Documents folder before reloading the game. However, we recommend avoiding the PC version until Rockstar cleans things up.

Apple releases iOS 16.3 with support for physical security keys

Apple boosted iOS security today with the release of its 16.3 software update. For the first time, iOS users can use physical security keys for two-factor authentication (2FA) of their Apple ID. This new measure, announced by the company last year, add…