Nvidia CEO Jensen Huang Says AI Investment Boom Is Just Beginning as NVDA Shares Surge 
SoftBank and Intel Partner to Develop Next-Generation Memory Chips for AI Data Centers 
Nvidia, ByteDance, and the U.S.-China AI Chip Standoff Over H200 Exports 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
Tencent Shares Slide After WeChat Restricts YuanBao AI Promotional Links 
Alphabet’s Massive AI Spending Surge Signals Confidence in Google’s Growth Engine 
SoftBank Shares Slide After Arm Earnings Miss Fuels Tech Stock Sell-Off 
Sam Altman Reaffirms OpenAI’s Long-Term Commitment to NVIDIA Amid Chip Report 
SpaceX Updates Starlink Privacy Policy to Allow AI Training as xAI Merger Talks and IPO Loom 
Baidu Approves $5 Billion Share Buyback and Plans First-Ever Dividend in 2026 
Nvidia Nears $20 Billion OpenAI Investment as AI Funding Race Intensifies 
Elon Musk’s Empire: SpaceX, Tesla, and xAI Merger Talks Spark Investor Debate 
Anthropic Eyes $350 Billion Valuation as AI Funding and Share Sale Accelerate 
TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Nvidia Confirms Major OpenAI Investment Amid AI Funding Race 
With stay-at-home recommendations still in place in many parts of the world, the demand for dating apps has likely spiked. This also means that online dating platforms became another rich field for cybercriminals, so it is quite concerning when security researchers reported significant vulnerabilities found on the OkCupid app that caters to more than 50 million users.
OkCupid security flaws discovered by researchers
Check Point Research spotted some vulnerabilities on the OkCupid app that may have “allowed attackers to” control an account to some degree. The security issues could have led to the stealing of personal information, private data, and authentication tokens.
The researchers reverse-engineered OkCupid v.40.3.1 on an Android 6.0.1 device and found that it has a deep link function allowing a hacker to inject malicious links to execute an attack. Check Point also discovered that the OkCupid main domain could have been compromised using reflected cross-site scripting (XSS), an attack that hackers utilize to access a user’s cookies by injecting malicious scripts on a vulnerable website.
They were then able to prove that the security flaws would have let hackers steal profile data that users provide upon signing up on OkCupid. The vulnerability also made it possible to steal authentication tokens, send messages on behalf of the users, and collect other sensitive data such as email addresses for exfiltration. However, Check Point confirmed a complete account takeover was not possible because the cookies still had some protection.
OkCupid says no account was compromised, vulnerabilities fixed
Like any decent security research firm, Check Point informed OkCupid of the flaws of its app and domain before publishing their study. At the time of publication, Check Point noted that OkCupid has already “responsibly deployed” a fix on the issues they identified. The online dating platform assured the researchers, “Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours.”
OkCupid users, on the other hand, should also be aware of the basic methods to protect themselves online. It is always advised to use strong passwords and to not give away too much personal information on a dating app. It is also best to always have the latest version of any app to ensure they carry the latest security updates as well.
