Some third-party applications unnecessarily store keys or secrets that could be abused to leak a variety of user credentials and other type of sensitive data, software security startup Fallible warns.
Using a tool designed to reverse engineer Android applications, Fallible discovered that many mobile applications contain hardcoded keys or secrets that should not be there in the first place.