SDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare Apps

A vulnerability in an SDK that allows users to make video calls in apps like eHarmony, Plenty of Fish, MeetMe and Skout allows threat actors to spy on private calls without the user knowing. Researchers discovered the flaw, CVE-2020-25605, in a video-calling SDK from a Santa Clara, Calif.-based company called Agora while doing a security audit last year of personal robot called “temi,” which uses the toolkit.

Read full article on Threat Post