CNBC reports that the increasingly popular e-commerce app Temu has been accused by the U.S. government of having data security risks following the removal of its Chinese sister app Pinduoduo from the Google Play Store due to the presence of malware, which exploited Android security flaws.
Such allegations surrounding Temu's data security risks have been downplayed by security researchers, including Acronis Chief Information Security Officer Kevin Reed who said that Temu is significantly less aggressive than Pinduoduo in requesting device permissions. Moreover, Arctic Wolf Labs Vice President and Head Daniel Thanos said that no version of Temu was found to have malicious functionality and that the Temu app is not leveraging keys that have been used for signing Pinduoduo malware.
"Based on our analysis, it appears that this malware is targeting Chinese users primarily, as it appears to target devices usually sold and used in China such as Xiaomi, Vivo, Oppo, Samsung, etc, and their corresponding applications," Thanos.
The European Union Agency for Cybersecurity (ENISA) has published a report on potential cybersecurity threats for 2030, trying to anticipate future security risks based on current trends and expert opinions. While some of the less likely predictions may touch on science fiction, the top two anticipated threats are already with us today: software supply chain compromises and AI-enhanced disinformation campaigns.
Googlehas introduced its new Mobile Vulnerability Rewards Program that would offer rewards for the identification of security flaws in Google's first-party Android applications,BleepingComputerreports.