Apr 09, 2026 • The Hacker News
EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets
Executive Summary
A critical vulnerability in the EngageLab SDK exposed approximately 50 million Android users, including 30 million cryptocurrency wallet users, to potential data theft. The flaw, discovered by Microsoft Defender, allowed malicious apps on the same device to bypass Android's security sandbox and gain unauthorized access to private user data. The vulnerability affected a widely deployed third-party Android SDK, creating a systemic risk across multiple applications. The issue has been patched, and users are advised to verify their applications are running the latest SDK versions. Organizations should audit their mobile applications for EngageLab SDK usage and ensure timely updates to mitigate risks of credential theft and financial fraud targeting cryptocurrency wallet holders.
Summary
Details have emerged about a now-patched security vulnerability in a widely used third-party Android software development kit (SDK) called EngageLab SDK that could have put millions of cryptocurrency wallet users at risk. "This flaw allows apps on the same device to bypass Android security sandbox and gain unauthorized access to private data," the Microsoft Defender