Security News

Facebook sues data analytics firm OneAudience over malicious SDK
2020-03-02 11:52

Facebook is suing the data analytics firm OneAudience for allegedly developing a malicious, social-media-profile-grabbing software development kit and then paying app developers to embed it in their apps. According to the complaint, OneAudience's malicious SDK swiped the data that Facebook users had agreed to share with the app - data that may have included their name, email address, the country where they logged in from, time zone, Facebook ID, and, sometimes, gender.

Vulnerabilities Found in VMware Tools, Workspace ONE SDK
2020-01-15 14:11

VMware on Tuesday advised customers using VMware Tools version 10 for Windows to update their installations to version 11 due to a local privilege escalation vulnerability. According to the virtualization giant, the repair operation in VMware Tools 10.x.y is affected by a race condition that allows an attacker who has access to the guest virtual machine to escalate their privileges.

SDKs Misused to Scrape Twitter, Facebook Account Info
2019-11-27 17:44

Malicious mobile apps could be created to scrape and share profile information, email addresses and more.

Facebook, Twitter profiles slurped by mobile apps using malicious SDKs
2019-11-27 12:49

Hundreds of users gave permission to these third-party apps to access their social media accounts, but the apps got more handsy than that.

Twitter, Facebook User Data Improperly Accessed via Malicious SDKs
2019-11-27 05:53

Twitter and Facebook this week took action against malicious mobile software development kits (SDKs) that were used to improperly access user data. read more

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data
2019-11-26 06:34

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected...

Adobe fixes SDK weakness affecting mobile apps
2019-11-11 12:13

Researchers noticed that the main app configuration file, ADBMobileConfig.json, contained settings that could lead to security problems.

Datawallet launches Datawallet 3.0 – Developer Edition alongside their Developer SDK
2019-07-29 01:30

Datawallet, the company building the digital wallet for all your data, has released their developer-focused product Datawallet 3.0 — Developer Edition alongside their Developer SDK. All Datawallet...

Intel Patches High-Severity Flaws in Media SDK, Mini PC
2019-04-09 20:11

Overall Intel patched four vulnerabilities, including high-severity flaws in its Media SDK and Intel NUC mini PC.

Google Warns of Growing Android Attack Vector: Backdoored SDKs and Pre-Installed Apps
2019-04-01 17:45

Google said in 2018 it tracked a rise in the number of potentially harmful apps found on Android devices that were either pre-installed or delivered via over-the-air updates.