Kaspersky researchers found apps in Google's Play Store and Apple's App Store that use OCR to steal crypto wallet recovery phrases from images on users' devices
Android and iOS apps on the Google Play Store and Apple App Store contain a malicious software development kit (SDK) …
Microsoft says hackers used vulnerabilities in the Boa web server, discontinued in 2005 but widely used across IoT devices, to target the Indian power sector
Current Description /cgi-bin/wapopen in BOA Webserver .94.14rc21 allows … Katie McCafferty / Microsoft Security Blog : Vulnerable SDK components lead to supply chain risks in IoT and OT environments T...
A look at 493 COVID related iOS apps across 98 countries including each app's permissions requests, developer location and embedded SDKs, sorted by categories
Health and Fitness - Pandemic: The Next App Store Genre? — Since the Coronavirus pandemic began, a host of Covid-19 applications have emerged. Tweets: @d1gi , @rachelcoldicutt , @seanmmcdonald , @ju...
Security research firm Snyk alleges that Chinese ad network Mintegral committed ad click fraud via its SDK across billions of installs of 1,200+ iOS apps
A Chinese ad network named Mintegral is accused of spying on user activity and committing ad fraud in more than 1,200 apps with 300 million installs per month since July 2019.
US government contractor Anomaly Six collects and sells location data from hundreds of millions of phones globally via an SDK that is embedded in 500+ apps
Byron Tau / Wall Street Journal :
Dozens of tracking apps for smartphones are being used or developed to help contain the pandemic, despite concerns about security, privacy, and effectiveness
literally dozens gathering info on people's location or contacts to curb the virus. Can they help? What are the pitfalls? Will people use them? @natashanyt @Aaron_Krolik & I take a look 1/ https://www...
Some popular apps send sensitive info to Facebook via the company's analytics SDK, such as a user's heart rate, intent to get pregnant, and home listings viewed
Rise of ‘Surveillance Capitalism,’ China and Iran Go Hacking, Facebook as ‘Digital Gangster’ NBC News : Use an app to track your period? That data and more could end up with Facebook, WSJ reports John...
Report: some iPhone apps use Glassbox's analytics SDK to record in-app user interactions without permission, and recordings sometimes don't mask sensitive data
And there's no way a user would know — Many major companies, like Air Canada, Hollister and Expedia, are recording every tap and swipe you make on their iPhone apps.
Report: some apps using Facebook's SDK, like Grindr and Bible+, send user info to Facebook, including location, where users click, and how long the app is used
Facebook provided developers with tools to build Facebook-compatible apps like Tinder, Grindr and Pregnancy+.
500+ apps, downloaded 100M+ times, removed by Google from Play Store or updated after it was discovered that an ad SDK they used could serve as spyware backdoor
The Shield :