GoPlus: Meta account recovery feature exposed to high-risk design flaws, which could directly leak users' sensitive information
By: rootdata|2026/06/09 04:45:01
0
Share
GoPlus posted on platform X that the Meta account recovery feature has been exposed to a high-risk design flaw, which could directly leak users' phone numbers, email addresses, and PII (Personally Identifiable Information). Attackers only need to input the META username without any login or verification to directly obtain the complete PII linked to the user, such as email addresses and phone numbers. This could pose significant risks to users, including: large-scale phishing attacks, SIM card swapping attacks, account takeover and identity theft, and targeted social engineering attacks.
Recommendations: Remove or change the leaked email/phone number as a recovery method; modify related account passwords and enable 2FA; do not click on any emails or messages related to "account anomalies," "verification," or "password reset"; set up multi-channel verification, which can be verified through official documents or other official social media channels.
You may also like
OKX Star analyzes Binance's competitive advantages: when regulation levels the playing field, competition has just begun
OKX founder Star published a lengthy article, systematically analyzing Binance's competitive advantages over the years: regulatory arbitrage, speculative narrative cycles, social media control, and superficial compliance, stating that the essence of these advantages is not product capability, but ra...
Full version of the debut Q&A! Federal Reserve Chairman Waller: Sticking to the 2% inflation target, establishing five special working groups, individual did not submit the dot plot
Federal Reserve Chairman Waller's debut featured a significant slimming statement, the cancellation of forward guidance, refusal to submit the dot plot, and the establishment of five working groups, vowing to uphold the 2% inflation target, which triggered a sharp decline in U.S. stocks and a surge ...
From Disruptor to Shadow Market: The Crypto Market is Becoming a Colony of Traditional Finance
"Coin-stock linkage" has evolved from the early stage of macro correlation and one-way penetration of emotional funds to the current 3.0 stage, where on-chain perpetual contracts provide extended trading hours and emotional signal value for traditional assets 24/7, and participate in Pre-IPO pricing...
Dalio's important long article: How to position in the current market environment?
Do not confuse the excitement for new technologies with whether those tech stocks are attractive.
DeepSeek Financing Story
DeepSeek's financing insider information exposed: "Four-hour meeting" fully demonstrates Liang Wenfeng's determination for AGI, over a hundred institutions involved, Sequoia and Hillhouse rarely absent, not poaching talent is the hardest red line.
Morning Report | Illinois signs the strictest digital asset tax law in the U.S.; RWA tokenization market size surpasses $43 billion, institutions accelerate the migration of on-chain assets
Overview of Important Market Events on June 17
Morning Report | DeepSeek completes over $7 billion in financing, with a valuation exceeding $50 billion; Musk's personal wealth has surpassed the total market value of Bitcoin
Overview of Important Market Events on June 16
Cursor, why did you get on Musk's spaceship?
SpaceX set a record with its IPO, spending a staggering $60 billion to acquire the popular AI programming unicorn Cursor just four days later. Musk is using the ultimate puzzle of "super computing power + top coding engine" to propel the market value skyrocketing, surpassing Amazon in one fell swoop...
In the name of charity, for the benefit of the family: How the Trump family turned charity into profit?
This set of "beautiful rhetoric and value return to one's own people" has not stopped at charitable foundations; it has now almost been transferred intact to American Bitcoin.
Will Gold Break $4,500 After Tonight's Fed Decision? What XAUT and PAXG Traders Need to Know
The Federal Reserve announces its June rate decision tonight. Could gold break $4,500 next? Explore the latest gold price prediction, key Fed scenarios, and what they mean for XAUT and PAXG traders.
SharpLink CEO: How to understand that Ethereum developers have just surpassed 1 million?
The most important question in the cryptocurrency industry is not which chain is the fastest, but rather where top builders choose to build in the long term. Ethereum has just surpassed one million cumulative developers; what does this number mean?
Morning Report | MiCA grace period expires on July 1; Kalshi's trading volume in the first week of the World Cup breaks $5.1 billion, setting a record
Overview of Important Market Events on June 15
The foundation of SpaceX's trillion-dollar valuation: Who is dividing Musk's annual capital expenditure of tens of billions?
SpaceX Supply Chain Revealed: The Invisible Gold Mine Behind the Trillion-Dollar "Space Dream," from Nvidia's Computing Power Monopoly to China's Sole Supplier of Special Materials, these overlooked water-selling talents are the true wealth creation engine.
How to exit after asset tokenization?
Currently, three models have emerged, aimed at providing instant exit routes for tokenized real-world assets. Their differences lie in: who holds the funds required for exit, how efficiently the funds operate, and the extent to which this model can be scaled across different asset types.
The stablecoin positioning battle escalates: When compliance is just a ticket to entry, will USD1 become the biggest winner?
How does the GENIUS Act reshape the stablecoin landscape?
A16Z: The sun bears witness, SpaceX is worth 7.5 trillion
A deep analysis of Musk's ultimate grand vision: how SpaceX, xAI, and Tesla are deeply intertwined, using space AI data centers and Starships to gradually turn the sci-fi fantasies of Mars colonization and multi-planetary civilization into reality.
Mergers and acquisitions in the cryptocurrency market are exceptionally active
Behind the rise in mergers and acquisitions is a sluggish financing market, declining project valuations, and increased pressure for startup teams to exit. However, it also indicates that the cryptocurrency industry has not lost its capital vitality, but is completing resource reorganization in anot...
Concerns Behind the Binance Customer Service Controversy
As the user base expands to the scale of Binance today, relying on the personal efforts of the founder and a few employees to fill process gaps has become an unsustainable arrangement.
OKX Star analyzes Binance's competitive advantages: when regulation levels the playing field, competition has just begun
OKX founder Star published a lengthy article, systematically analyzing Binance's competitive advantages over the years: regulatory arbitrage, speculative narrative cycles, social media control, and superficial compliance, stating that the essence of these advantages is not product capability, but ra...
Full version of the debut Q&A! Federal Reserve Chairman Waller: Sticking to the 2% inflation target, establishing five special working groups, individual did not submit the dot plot
Federal Reserve Chairman Waller's debut featured a significant slimming statement, the cancellation of forward guidance, refusal to submit the dot plot, and the establishment of five working groups, vowing to uphold the 2% inflation target, which triggered a sharp decline in U.S. stocks and a surge ...
From Disruptor to Shadow Market: The Crypto Market is Becoming a Colony of Traditional Finance
"Coin-stock linkage" has evolved from the early stage of macro correlation and one-way penetration of emotional funds to the current 3.0 stage, where on-chain perpetual contracts provide extended trading hours and emotional signal value for traditional assets 24/7, and participate in Pre-IPO pricing...
Dalio's important long article: How to position in the current market environment?
Do not confuse the excitement for new technologies with whether those tech stocks are attractive.
DeepSeek Financing Story
DeepSeek's financing insider information exposed: "Four-hour meeting" fully demonstrates Liang Wenfeng's determination for AGI, over a hundred institutions involved, Sequoia and Hillhouse rarely absent, not poaching talent is the hardest red line.
Morning Report | Illinois signs the strictest digital asset tax law in the U.S.; RWA tokenization market size surpasses $43 billion, institutions accelerate the migration of on-chain assets
Overview of Important Market Events on June 17
Customer Support:@weikecs
Business Cooperation:@weikecs
Quant Trading & MM:bd@weex.com
VIP Program:support@weex.com
