SpaceX Reports $8 Billion Profit as IPO Plans and Starlink Growth Fuel Valuation Buzz 
OpenAI Expands Enterprise AI Strategy With Major Hiring Push Ahead of New Business Offering 
Baidu Approves $5 Billion Share Buyback and Plans First-Ever Dividend in 2026 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
Nvidia, ByteDance, and the U.S.-China AI Chip Standoff Over H200 Exports 
TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
Nvidia’s $100 Billion OpenAI Investment Faces Internal Doubts, Report Says 
Nintendo Shares Slide After Earnings Miss Raises Switch 2 Margin Concerns 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Elon Musk’s Empire: SpaceX, Tesla, and xAI Merger Talks Spark Investor Debate 
Anthropic Eyes $350 Billion Valuation as AI Funding and Share Sale Accelerate 
SpaceX Updates Starlink Privacy Policy to Allow AI Training as xAI Merger Talks and IPO Loom 
Nvidia Nears $20 Billion OpenAI Investment as AI Funding Race Intensifies 
Global PC Makers Eye Chinese Memory Chip Suppliers Amid Ongoing Supply Crunch 
Alphabet’s Massive AI Spending Surge Signals Confidence in Google’s Growth Engine 
US Judge Rejects $2.36B Penalty Bid Against Google in Privacy Data Case 
With stay-at-home recommendations still in place in many parts of the world, the demand for dating apps has likely spiked. This also means that online dating platforms became another rich field for cybercriminals, so it is quite concerning when security researchers reported significant vulnerabilities found on the OkCupid app that caters to more than 50 million users.
OkCupid security flaws discovered by researchers
Check Point Research spotted some vulnerabilities on the OkCupid app that may have “allowed attackers to” control an account to some degree. The security issues could have led to the stealing of personal information, private data, and authentication tokens.
The researchers reverse-engineered OkCupid v.40.3.1 on an Android 6.0.1 device and found that it has a deep link function allowing a hacker to inject malicious links to execute an attack. Check Point also discovered that the OkCupid main domain could have been compromised using reflected cross-site scripting (XSS), an attack that hackers utilize to access a user’s cookies by injecting malicious scripts on a vulnerable website.
They were then able to prove that the security flaws would have let hackers steal profile data that users provide upon signing up on OkCupid. The vulnerability also made it possible to steal authentication tokens, send messages on behalf of the users, and collect other sensitive data such as email addresses for exfiltration. However, Check Point confirmed a complete account takeover was not possible because the cookies still had some protection.
OkCupid says no account was compromised, vulnerabilities fixed
Like any decent security research firm, Check Point informed OkCupid of the flaws of its app and domain before publishing their study. At the time of publication, Check Point noted that OkCupid has already “responsibly deployed” a fix on the issues they identified. The online dating platform assured the researchers, “Not a single user was impacted by the potential vulnerability on OkCupid, and we were able to fix it within 48 hours.”
OkCupid users, on the other hand, should also be aware of the basic methods to protect themselves online. It is always advised to use strong passwords and to not give away too much personal information on a dating app. It is also best to always have the latest version of any app to ensure they carry the latest security updates as well.
