Eavesdropper vulnerability strikes apps using Twilio

OKsystem news

November 20, 2017

The vulnerability, which Appthority researchers have dubbed Eavesdropper, was introduced when developers carelessly hard coded their credentials into mobile applications using Twilio for communications services. Twilio, application programming interface (API), enables mobile applications and their developers to easily implement calls and instant messaging.

Eavesdropper poses a serious enterprise data threat because it allows an attacker to access confidential company information. Eavesdropper has affected almost 700 iOS and Android apps.

Source: Appthority

Back to list