Researchers find security flaw in Target mobile app

Customers who have used Target's wish-list making mobile app may be exposed to hacker attacks. Security company Avast has recently announced that a vulnerability in the app allows unauthorized access to customers' addresses, phone numbers and other personal information from wish lists.

"To our surprise, we discovered that the Target's app's Application Program Interface (API) is easily accessible over the Internet," Filip Chytry wrote on the Avast blog. "The only thing you need in order to parse all of the data automatically is to figure out how the user ID is generated," Chytry said. "Once you have that figured out, all the data is served to you on a silver platter in a JSON file."

The good news in this case is that credit card numbers don't appear to be stored with the wish lists, so financial information isn't vulnerable.

Soon after Avast notified Target of the mishap, the retailer said it suspended certain elements of the app while developers investigate the issue and come up with a fix.

Read more -here-

• Google TV now has over 170 free channels
• OpenAI announces new o3 models
• Samsung to announce AI hybrid cooling refrigerators at CES 2025
• Bad actors steal $5.36M in LastPass attack
• FTC announces final rule banning junk fees on tickets and hotels
• EU officially begins work on $11 billion Starlink rival, IRIS2