Treffer: Update vulnerability in third-party SDK exposes some Android apps to attacks.

The article reports on the update in third-party HomeBase software development kit (SDK) microprocessor. Topics discussed include the Android apps which contains a vulnerability that allow hackers to steal information from users' phones, the SDK code embedded to a remote server using unencrypted connection then download it in the form of Java Archive (JAR), and the JAR file supplied by an attacker can use the permissions in which the authenticity of the downloaded file cannot be verified.