![]() At this point, the app is still available on the Play store, gaining new installs every day and putting its users at risk. ![]() We are currently working with Google to get in touch with the app developer to help fix the vulnerability. On March 19, the team was able to confirm that the vulnerability was still present in the newest version of Super VPN. Google’s HackerOne program allows for disclosures of apps with more than 100 million downloads. Update (April 3): We shared our findings directly with Google through Google Play Security Reward Program – a vulnerability disclosure program on HackerOne, since we were unable to contact Super VPN’s developer directly. ![]() Update (April 8): Google has removed the SuperVPN app from the Play store. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |