TheTruthSpy stalkerware, still insecure, still leaking data
Malwarebytes
FEBRUARY 13, 2024
In 2022, tech publication TechCrunch discovered that TheTruthSpy and other spyware apps share a common Insecure Direct Object Reference (IDOR) vulnerability, CVE-2022-0732. The publications described the bug as “extremely easy to exploit, and grants unfettered remote access to all of the data collected from a victim’s Android device.”
Let's personalize your content