Cybersecurity researchers have uncovered severe vulnerabilities in Wondershare RepairIt that could lead to data leaks, AI model tampering, and supply chain attacks. These flaws highlight the importance of robust security practices in AI-powered applications and supply chain management. #WondershareRepairIt #SupplyChainRisks
Keypoints
- Two critical security flaws in Wondershare RepairIt allow attackers to bypass authentication and access sensitive data.
- The vulnerabilities stem from weak DevSecOps practices, including embedded permissive cloud access tokens and unencrypted storage.
- Exposed data includes user private information, AI models, and company source code, enabling potential tampering and malicious modifications.
- The flaws pose risks of supply chain attacks, malware distribution via AI model updates, and intellectual property theft.
- Trend Micro disclosed the vulnerabilities to Wondershare but has yet to receive a response, urging users to restrict product interaction.
Read More: https://thehackernews.com/2025/09/two-critical-flaws-uncovered-in.html