The well-known social networking site, Twitter started sending out pop-up notifications to Android users last night, notifying that the company’s security team found a security vulnerability in the Android client.
Attackers can use this vulnerability and malicious software installed on the user’s device to bypass the Android system permissions and access the private data of the user’s Twitter account.
Including the content of tweets, like data and even the content of private messages, especially the leakage of private message content may cause major security risks to users. The security vulnerability of this Twitter only affects the Android version and the Android version is Android 8 & 9.
The iOS version, Twitter web version, and PWA progressive web application are not affected by the vulnerability. Twitter has not disclosed the details of this vulnerability.
However, Twitter officials emphasized that there is no evidence that the vulnerability has been exploited by hackers, so for now, the user’s account and private data are safe. But now users must go to the app store to get the latest version of Android, otherwise, there will be this security risk.