THAT FUCKING CHUCKLEFUCK IS RETURNING EVERY FUCKING USER'S BCRYPT PASSWORD HASH IN THE FUCKING API

The only weird part of this is that it's using bcrypt? This is really a "what's wrong with md5 anyway?" Level of bad

I have no idea what any of this means but I am taking your word for it Glad I never signed up.

making apis is so ez tho just json(select * from users where name = $var) websites r so simple

is this that squirtle social media website leak thing

i shouldn't want to respond "lolololol" because there are innocent people affected. but also lololololololololol forever

Wow. What I know about cybersecurity is basically from having roomed with a CS major in college and then following you & others online for years, and I still read that article with increasing levels of “Oh no… They can’t have been that stupid, can they?” as I went along.

Even after I read the headline, as I read the article I found myself spontaneously leaning in and saying "NO WAY!"

Joni Mitchell is the light. Thank you Canada for her. She paints with brushes and with words.

🙄 breaks out CVE notepad 🗒️

You sound like me when I find MMOs where the designers made the client authoritative.