Cybersecurity

TikTok Needs to Fix This Vulnerability

John Hammond • February 16, 2026

Why It Matters

The flaw enables credential theft and malware distribution at scale, pressuring TikTok to patch quickly and highlighting the need for heightened user vigilance against deceptive email attachments.

Key Takeaways

  • TikTok's open redirect flaw is exploited in phishing campaigns
  • Attackers embed malicious HTML attachments masquerading as voice messages
  • The vulnerability redirects users to attacker‑controlled sites via encoded URLs
  • The phishing kit includes anti‑debugger checks to evade security analysis
  • TikTok has known about the issue for over a year without remediation

Summary

The video exposes an open‑redirect vulnerability on TikTok’s domain that has been known internally for more than a year yet remains unpatched. Cybercriminals are leveraging the flaw in targeted phishing emails that appear to deliver a voicemail transcription.

The malicious payload arrives as an HTML attachment named “play_ow” containing a script that bounces the browser through a legitimate tiktok.com URL, whose open redirect forwards it to an attacker‑controlled Amazon S3 bucket. The destination parameter is heavily URL‑encoded and is never validated by the redirect endpoint, so any destination, facebook.com for example, can be injected.

The presenter highlights anti‑debugger tricks embedded in the JavaScript, including checks for open developer tools, specific key presses, and user‑agent strings, which abort the attack when a security analyst inspects the page. A screenshot shows a fake Cloudflare Turnstile challenge followed by an Outlook‑style login prompt designed to harvest credentials and MFA codes.

If exploited, the chain can capture login details, install malware, and bypass multi‑factor authentication, posing a significant risk to TikTok’s massive user base. The continued exposure underscores the urgency for TikTok to implement proper redirect validation and for organizations to educate users about suspicious email attachments.
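TikTok's redirect handler is not public, so the following is an added example rather than the site's own code: a destination check for a redirect endpoint that undoes nested percent‑encoding before deciding, placed beside the naive substring check this class of flaw usually comes from. The allowlist, the attacker bucket name and the sample inputs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Constructed allowlist of hosts a redirect may legitimately land on.
ALLOWED_HOSTS = {"tiktok.com", "www.tiktok.com"}

def naive_is_safe_redirect(target: str) -> bool:
    """The kind of check that produces an open redirect: a substring test
    is satisfied by 'https://evil.example/?next=tiktok.com'."""
    return "tiktok.com" in target

def fully_decode(value: str, max_rounds: int = 5) -> str:
    """Percent-decode until the string stops changing, so double-encoded
    payloads (%252F -> %2F -> /) are judged on what the browser will see."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value

def is_safe_redirect(target: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Allow only same-site absolute URLs or plain relative paths."""
    if not target:
        return False
    decoded = fully_decode(target).strip()
    # Backslashes and control characters let browsers reinterpret the URL
    # ('/\evil' is treated like '//evil'), so refuse them outright.
    if re.search(r"[\\\x00-\x1f]", decoded):
        return False
    try:
        parts = urlsplit(decoded)
    except ValueError:
        return False
    # Only web schemes; this rejects javascript: and data: URLs.
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if parts.netloc:
        # 'https://tiktok.com@evil.example/' puts the trusted name in userinfo.
        if parts.username is not None or parts.password is not None:
            return False
        return (parts.hostname or "").lower() in allowed_hosts
    # Scheme-relative '//host' is caught above via netloc; accept single-slash paths.
    return decoded.startswith("/") and not decoded.startswith("//")

def resolve_redirect(target: str, fallback: str = "/") -> str:
    """What the endpoint should actually send in the Location header."""
    return target if is_safe_redirect(target) else fallback
```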

Original Description

https://jh.live/sublime-security-webinar || Catch the recap of more phishing schemes and trends to watch out in my webinar with Sublime Security :) https://jh.live/sublime-security-webinar
Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training
See what else I'm up to with: https://jh.live/newsletter
ℹ️ Affiliates:
Learn how to code with CodeCrafters: https://jh.live/codecrafters
Host your own VPN with OpenVPN: https://jh.live/openvpn
Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense