Pinned
We have escalated this false OAuth client problem to @XDevelopers about 5 times and it has not been solved by X yet.
Unfortunately hackers can impersonate brands to create OAuth clients that can then obtain permission over your account.
We will never ask for authorizing an app.
Replying to @slopbleach
the link opened a X app authorization which I didn't even read and just instinctively approved, and it proceeded to the booking link
thought this was odd but didn't think much as I was multitasking. turns out it gave the hacker full access to make posts from my profile...













