security

TikTok has some worrying security flaws that could leave your … – TechRadar


Cybersecurity researchers from Imperva have uncovered a flaw in the popular social media app TikTok which could have allowed threat actors to exfiltrate sensitive data from victim devices to be used in identity theft attacks, phishing, or for blackmail.

The vulnerability, which has since been fixed, was found in the way the app handled incoming messages. Explaining the method, the researchers said the attackers could send a malicious message to the TikTok web application through the PostMessage API, which would glide past any security measures. 



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.