An exploit allows attackers to remotely overwrite archive files with their own content, and from there pivot to achieving remote command execution on the machine.
An analysis of 10,000 mobile apps has found that a significant portion of them are open to web API hijacking – thanks to inconsistencies between app and server logic in web APIs.