Hacker News article Hackers have figured out how to get Twitter to let them hijack bots and use their own passwords and identities to log in.
Twitter has been known to allow bots to interact with its service and offer advertising.
A Twitter spokesperson confirmed the vulnerability was discovered Monday.
The vulnerability could be exploited by someone with access to Twitter’s servers to perform malicious actions on Twitter’s behalf.
It’s not clear how often bots interact with the service, though Twitter has been working with security experts to identify ways to prevent them from doing so.
The company’s chief security officer, Michael McAlister, said that, while the hack is only affecting bots, the vulnerability could potentially allow hackers to impersonate people.
Twitter also said that it is working with researchers to develop an update that prevents bots from hijacking accounts and providing malicious ads.
It’s not the first time Twitter has suffered from a bot attack.
A separate vulnerability in 2016 allowed hackers to access accounts from infected phones and send malware to people.