Tinder was made vulnerable to an attack that would have let hackers take over a user account with the user’s phone number. This attack exploited Facebook’s account kit system and a unique vulnerability introduced in Tinder’s implementation of account kit. Tinder wasn’t checking user’s account tokens generated by account kit against their associated client IDs, […]