Cybersecurity experts have uncovered more than a thousand mobile applications carrying a flawed API that are leaking sensitive endpoint(opens in new tab) and user information.
Researchers from CloudSEK found 1,550 mobile apps using Alogolia, a proprietary API that helps mobile developers integrate search engines with discovery and recommendation features found in websites and apps.
According to the company, this API is used by more than 11,000 companies worldwide.