Researcher Exposes Unfixed Security Flaws in Lovense Devices, Including Account Takeover Risk
July 29, 2025
Lovense, a major manufacturer of internet-connected sex toys, is facing scrutiny after a security researcher disclosed two serious vulnerabilities affecting its user accounts and privacy. The flaws, which the company had not fully fixed at the time of disclosure, expose users' private email addresses and allow complete account takeover.
The issues were uncovered by a security researcher known as BobDaHacker, who published their findings after Lovense indicated it would take 14 months to fully resolve the problems, a timeline the researcher called unacceptable.
According to BobDaHacker, Lovense's mobile app leaked users' email addresses during ordinary interactions such as muting another user. The addresses never appeared in the app's interface, but they were present in the underlying network traffic, so anyone able to inspect that traffic could retrieve them with little effort. The flaw was particularly concerning for sex workers and cam models who publicly share their usernames but depend on their email addresses staying private.
The second, more critical flaw allowed full account takeover. Using a leaked email address, the researcher was able to obtain valid authentication tokens for that account without knowing the user's password. The tokens granted complete control over the target's account, including remote access to the user's devices.
“Literally anyone could take over any account just by knowing the email address,” the researcher said.
Lovense users across the board were potentially affected, including millions who use the company’s products for remote intimacy or adult livestreaming. The company, which boasts over 20 million users, made headlines in 2023 for integrating AI into its devices.
The flaws were reported to Lovense on March 26 through the Internet of Dongs project, which helps security researchers report vulnerabilities in sex tech. While Lovense awarded a $3,000 bounty via HackerOne, the company resisted urgent fixes, citing concerns about inconveniencing users with legacy devices.
Instead of pursuing a quick patch, Lovense opted for a slower 14-month timeline, prompting BobDaHacker to go public. The company's initial response did not include a plan to notify affected users. Only after publication of the findings did Lovense confirm that the account takeover bug had been addressed; a fix for the email disclosure issue, it said, would roll out the following week.
Security experts typically expect vendors to resolve critical vulnerabilities within 90 days, the deadline most coordinated-disclosure policies use. In this case, BobDaHacker argued that the delay needlessly endangered users, especially those in vulnerable professions.
The situation highlights the broader risks of internet-connected personal devices, where security lapses can have deeply personal and potentially harmful consequences.