The App You Asked Your Employees to Install Can Leak Their Bank Account Details to Hackers
Security audit of shift scheduling and workforce management apps finds flaws that expose Plaid banking tokens, allow fake messages under the employer's brand, and let attackers silently delete shift notifications.
That AI You Confide in May Be an Open Book: Researchers Find Cloud Keys, Exposed Conversations, and Injectable Chat in Companion Apps
Oversecured identifies hardcoded cloud credentials and a cross-site scripting flaw in popular AI companion apps, exposing backend infrastructure and allowing code injection into private conversations.
Security Researchers Find Vulnerabilities in Mental Health Apps; One With Millions of Users May Leak Therapy Notes
Oversecured has identified vulnerabilities in several popular mental health apps with tens of millions of downloads. The flaws could turn these apps into unintended data sources for surveillance, including personal conversations with AI