By Dr. Eleanor Vance | Published on December 04, 2025
Data security in this day and age was already a joke. Besides one accurately guessed password putting [[link]] a 158-year old company out of business, hackers keep finding zero-day flaws in Chrome like it's going out of fashion. Speaking of, the latest data security punchline involves a zero-day flaw in Lovense, an app designed to remotely control a number of different sex toys—and before you ask, yes, my family is always telling me how proud they are of what I do for a living.
Simply by knowing someone's Lovense username, hackers can reportedly leverage the zero-day flaw to get at users' email addresses and potentially more private information too (via Bleeping Computer). Worse still, it turns out that simply by knowing a user's email address, hackers can then also hijack their Lovense account.
The vulnerability was believed to have been first reported to the company back in March, with security researcher BobDaHacker sharing a public blog post in June that breaks down the technical ins and outs of the vulnerability. In Bob's own words, "It all started when I was using the Lovense app and muted someone. That's it. Just muted them. But then I saw the API response and was like... wait, is that an email address? Why is that there?"
While it's 'haha very funny' that not even your sex toy with app integration is safe from data breaches, it remains hilarious only up until a sufficiently motivated bad actor follows the breadcrumb trail of user details in the Lovense app to somewhere that hits uncomfortably close to home. As amusing as the thought of a rogue vibrator is, these two vulnerabilities present serious doxing concerns for both regular users and cam performers alike. Unfortunately, this story gets worse.
By Bob's own admission, it turns out Lovense has been aware of the account takeover issue since at least 2023, when it was first flagged by software engineer Krissy. Lovense has repeatedly claimed to have fixed the issue since then. However, testing by Bob and fellow security researchers Eva and Rebane discovered these fixes left much to be desired as potentially account exposing gtokens could still be [[link]] generated as of July 28, 2025.
So, why is the platform dragging their feet over such a major security flaw? Lovense apparently told Bob over email that "resolving the root cause involves deeper architectural work" that "would disrupt support for legacy versions." To recap, this is regarding a security flaw the company has been aware of in some form for nearly two years already.
Bob advises Lovense users to either only use throwaway email addresses, or to otherwise have a long hard "think about if you trust a company that takes 4+ months [[link]] to half-fix critical bugs."
Reader Comments
Sometimes I wish there were more ways to earn rewards through loyalty programs or frequent player bonuses. Adding seasonal events or special challenges could enhance the excitement even further. The payout process is generally smooth and reliable, though occasionally it takes longer than expected. Overall, I feel confident that my winnings are safe and will be credited properly.
The promotions and bonuses offered are very generous. I especially love the daily free spins and deposit bonuses. They make playing even more enjoyable and increase my chances of winning big. The platform keeps me engaged for hours every day. I love the overall aesthetic of the platform. The animations, visual effects, and sound design make the gaming experience more dynamic and immersive. It's one of the reasons I keep coming back. The variety of games is excellent, including table games like blackjack, roulette, and baccarat, in addition to slots. This keeps the platform interesting and allows me to switch games depending on my mood.
I appreciate the themed slot games, especially those based on movies and TV shows. They make the gaming experience more engaging and immersive. The combination of storyline, visuals, and bonus features makes each game feel unique. Sometimes I wish there were more ways to earn rewards through loyalty programs or frequent player bonuses. Adding seasonal events or special challenges could enhance the excitement even further. The payout process is generally smooth and reliable, though occasionally it takes longer than expected. Overall, I feel confident that my winnings are safe and will be credited properly.