{"id":59394,"date":"2025-09-23T00:00:00","date_gmt":"2025-09-23T00:00:00","guid":{"rendered":"urn:uuid:0f5c59f3-2318-ce6e-b534-438d173b2cbc"},"modified":"2025-09-23T00:00:00","modified_gmt":"2025-09-23T00:00:00","slug":"ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/","title":{"rendered":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80\"><!-- OneTrust Cookies Consent Notice start for trendmicro.com --><!-- OneTrust Cookies Consent Notice end for trendmicro.com --> <head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"description\" content=\"Trend\u2122\ufe0f Research\u2019s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.\"> <meta name=\"robots\" content=\"index,follow\"> <meta name=\"keywords\" content=\"articles, news, reports,artificial intelligence (ai),research\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"> <meta name=\"template\" content=\"article1withouthero\"> <meta property=\"article:published_time\" content=\"2025-09-23\"> <meta property=\"article:tag\" content=\"artificial intelligence (ai)\"> <meta property=\"article:section\" content=\"research\"> <link rel=\"icon\" type=\"image\/ico\" href=\"\/content\/dam\/trendmicro\/favicon.ico\"> <link rel=\"canonical\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/ai-powered-app-exposes-user-data.html\"> <title>AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks | Trend Micro (US)<\/title> <link href=\"https:\/\/fonts.googleapis.com\/css?family=Open+Sans:300,300i,400,400i,600\" rel=\"stylesheet\">\n<link href=\"\/\/customer.cludo.com\/css\/296\/1798\/cludo-search.min.css\" type=\"text\/css\" rel=\"stylesheet\"> <link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch.min.eef9161aa6f636be94dc8f75bd21e83f.css\" type=\"text\/css\">\n<link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendmicro\/clientlibs\/trendmicro-core-2\/clientlibs\/header-footer.min.ed72bbd5ec8a033bb224030ee7e2c12e.css\" type=\"text\/css\"> <meta property=\"og:url\" content=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/ai-powered-app-exposes-user-data.html\"><br \/>\n<meta property=\"og:title\" content=\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks\"><br \/>\n<meta property=\"og:description\" content=\"Trend\u2122\ufe0f Research\u2019s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.\"><br \/>\n<meta property=\"og:site_name\" content=\"Trend Micro\"><br \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/wondershare-cover.png\"><br \/>\n<meta property=\"og:locale\" content=\"en_US\"> <meta name=\"twitter:card\" content=\"summary_large_image\"><br \/>\n<meta name=\"twitter:site\" content=\"@TrendMicro\"><br \/>\n<meta name=\"twitter:title\" content=\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks\"><br \/>\n<meta name=\"twitter:description\" content=\"Trend\u2122\ufe0f Research\u2019s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.\"><br \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/wondershare-cover.png\"> <\/head> <body class=\"articlepage page basicpage context-business\" id=\"readabilityBody\" readability=\"50.422787327745\"> <!-- Page Scroll: Back to Top --> <a id=\"page-scroll\" title=\"VerticalPageScroll\" href=\"javascript:jumpScroll($(this).scrollTop());\"> <span class=\"icon-chevron-up\"><\/span> <\/a> <!-- \/* Data Layers *\/ --> <\/p>\n<div class=\"root responsivegrid\">\n<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12 \">\n<div class=\"articleBodyNoHero aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"research-layout article container\" role=\"contentinfo\">\n<article class=\"research-layout--wrapper row\" data-article-pageid=\"1138621878\">\n<div class=\"col-xs-12 col-md-12 one-column\">\n<div class=\"col-xs-12 col-md-12\" readability=\"10.5\">\n<div class=\"article-details\" role=\"heading\" readability=\"41\"> <span class=\"article-details__bar\" role=\"img\"><\/span> <\/p>\n<p class=\"article-details__display-tag\">Artificial Intelligence (AI)<\/p>\n<p class=\"article-details__description\">Trend\u2122 Research\u2019s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks.<\/p>\n<p class=\"article-details__author-by\">By: Alfredo Oliveira, David Fiser <time class=\"article-details__date\">September 23, 2025<\/time> <span>Read time:&nbsp;<\/span><span class=\"eta\"><\/span> (<span class=\"words\"><\/span> words) <\/p>\n<div class=\"article-details__icons\"> <!--Add This--> <\/p>\n<div class=\"a2a_kit a2a_default_style\" data-a2a-icon-color=\"#717172\"> <a class=\"a2a_dd addthis_link\" href=\"https:\/\/www.addtoany.com\/share\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/share-more.svg\" class=\"svg-icon\" alt=\"Share\"> <\/a> <a class=\"a2a_button_print addthis_link\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/printer.svg\" class=\"svg-icon\" alt=\"Print\"> <\/a> <\/div>\n<p> <!--Add to Folio--> <!--Subscribe--> <\/div>\n<\/div><\/div>\n<\/p><\/div>\n<hr class=\"research-layout-divider\"> <main class=\"main--content col-xs-12 col-lg-8 col-lg-push-2\"> <\/p>\n<div class=\"richText\" readability=\"39.238410596026\">\n<div readability=\"23.841059602649\">\n<h2><span class=\"body-subhead-title\">Key takeaways<\/span><\/h2>\n<ul>\n<li><span class=\"rte-red-bullet\">An AI-powered application for enhancing images and videos named Wondershare RepairIt may have inadvertently contradicted its privacy policy by collecting and retaining sensitive user photos. Poor Development, Security, and Operations (DevSecOps) practices allowed overly permissive cloud access tokens to be embedded in the application\u2019s code.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">The hardcoded cloud credentials in the application\u2019s binary enabled both read and write access to sensitive cloud storage. The exposed cloud storage contained not only user data but also <b>AI models<\/b>, software binaries, container images, and company source code.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Attackers can leverage the compromised access <b>to manipulate AI models or executable files<\/b>, conducting sophisticated supply chain attacks. Such an attack could distribute malicious payloads to legitimate users through vendor-signed software updates or AI model downloads.<\/span><\/li>\n<\/ul>\n<p>Consistency between company privacy policies and actual data handling practices \u2013 particularly with AI-powered applications \u2013 and the integrity of AI model deployment are both critical security considerations for organizations in the age of AI. &nbsp;Trend\u2122 Research has identified a case where Wondershare RepairIt, an AI photo editing application, contradicted its privacy policy by collecting, storing, and, due to weak Development, Security, and Operations (DevSecOps) practices, inadvertently leaking private user data.<\/p>\n<p>The application explicitly states that user data will not be stored, as seen in Figure 1. Its website <a href=\"https:\/\/support.wondershare.com\/how-tos\/repairit\/is-my-privacy-protected.html\">states this<\/a> as well. However, we observed that sensitive user photos were retained and subsequently exposed because of security oversights.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"b7c669\" data-modal-title=\"Figure 1. Uploading a customer\u2019s photos to an AI service that claims not to store the data\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig1.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig1.png\" alt=\"Figure 1. Uploading a customer\u2019s photos to an AI service that claims not to store the data\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 1. Uploading a customer\u2019s photos to an AI service that claims not to store the data<\/figcaption><\/div>\n<\/figure><\/div>\n<div>\n<div class=\"richText\" readability=\"47.38064516129\">\n<div readability=\"40.470967741935\">\n<p>Our analysis found that poor DevSecOps practices led to an overly permissive cloud access token being embedded within the application\u2019s source code. This token exposed sensitive information stored in the cloud storage bucket. Furthermore, the data was stored without encryption; this made it accessible to anyone with basic technical knowledge, who could subsequently download and exploit it against the organization.<\/p>\n<p>It is not unusual the developers to ignore security standards and embed their over-permissive cloud credentials directly into the code, as we have observed <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/threat-landscape\/real-world-threats-hidden-in-devops\">in previous research<\/a>.<\/p>\n<p>In our case, we found the credentials in the compiled binary executable (Figure 2). While this approach may seem convenient, simplifying user experience and backend processing, it exposes the organization to significant vulnerability if not implemented correctly.<\/p>\n<p>Securing the overall architecture is crucial: Establishing clear purposes for storage, defining access controls, and ensuring only necessary permissions are granted to credentials help prevent disastrous scenarios where attackers download the compiled binaries, analyze them, and exploit them for purposes unrelated to their intended functionality.<\/p>\n<p>While it is a common practice to hardcode a cloud storage access token with write permissions directly into the binaries, it is used for application logs or metric collection \u2013 and more importantly, most implementations strictly restrict token permissions. For example, while data can be written to cloud storage, it cannot be retrieved.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"d3c666\" data-modal-title=\"Figure 2. Showcasing the poor implementation of cloud storage use\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig2.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig2.png\" alt=\"Figure 2. Showcasing the poor implementation of cloud storage use\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 2. Showcasing the poor implementation of cloud storage use<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"38.750617283951\">\n<div readability=\"26.756378600823\">\n<p>It\u2019s unclear whether the code was written by a developer or <a href=\"https:\/\/apiiro.com\/blog\/4x-velocity-10x-vulnerabilities-ai-coding-assistants-are-shipping-more-risks\/\">an AI coding agent<\/a> that provided a vulnerable code snippet. Regardless, organizations need to exercise extra caution when utilizing cloud services. A single <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/beware-of-mcp-hardcoded-credentials-a-perfect-target-for-threat-actors\">access token leakage<\/a> has often disastrous consequences: For example, these can allow threat actors to insert malicious code into distributed software binaries, potentially initiating a supply chain attack.<\/p>\n<p>We have made proactive efforts to contact the vendor through the <a href=\"https:\/\/www.zerodayinitiative.com\/\">Trend Zero Day Initiative\u2122<\/a> (Trend ZDI), although we have yet to receive a response. These vulnerabilities were disclosed to the vendor in April. The final draft of this blog entry was also shared with the vendor prior to publication.&nbsp;<\/p>\n<p>The initial disclosure of the vulnerabilities was made through Trend ZDI. The vulnerabilities have been assigned <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-25-895\/\">CVE-2025-10643<\/a>, <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-25-896\/\">CVE-2025-10644<\/a>, and disclosed on September 17.<\/p>\n<h2><span class=\"body-subhead-title\">Binary analysis: Credential exposure and data leakage<\/span><\/h2>\n<p>The discovery began with the downloaded binary \u2013 a client application widely promoted on the company\u2019s official website as a robust, user-friendly tool for repairing damaged images and videos using patented techniques and AI as a core engine (Figure 3).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"97e368\" data-modal-title=\"Figure 3. Wondershare Repairit highlight and advertisement \" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig3.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig3.png\" alt=\"Figure 3. Wondershare Repairit highlight and advertisement \"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 3. Wondershare Repairit highlight and advertisement <\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34\">\n<div readability=\"13\">\n<p>The binary analysis showed the application uses a cloud storage account with hardcoded credentials. The storage account was not only used to download AI models and application data; we found that the account also contained multiple signed application executables developed by the company. It also had sensitive customer data (Figure 4), all accessible due to the cloud object storage identifiers (URLs and API endpoints), a secret access ID and key, and defined bucket names present in the binary.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\" readability=\"7.5\">\n<figure class=\"image-figure\" readability=\"5\"> <a class=\"bs-modal\" id=\"b940fb\" data-modal-title=\"Figure 4. Binary analysis showing the cloud ID, secret, address, and bucket name\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig4.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig4.png\" alt=\"Figure 4. Binary analysis showing the cloud ID, secret, address, and bucket name\"> <\/a> <\/p>\n<p><figcaption>Figure 4. Binary analysis showing the cloud ID, secret, address, and bucket name<\/figcaption><\/p>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34.5\">\n<div readability=\"14\">\n<p>Further analysis proved that the credentials that were granted read and write access to the bucket were also hardcoded in the binary. The same cloud storage holds AI models, container images, binaries for other products from the same company, scripts and source code, and customer data (such as videos and pictures).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"7b396f\" data-modal-title=\"Figure 5. Diagram on how the binary with cloud access is distributed to the user\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig5.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig5.png\" alt=\"Figure 5. Diagram on how the binary with cloud access is distributed to the user\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 5. Diagram on how the binary with cloud access is distributed to the user<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34.5\">\n<div readability=\"14\">\n<h2><span class=\"body-subhead-title\">Private data exposure: The first critical issue<\/span><\/h2>\n<p>We found that the unsecure storage service stores customer uploaded data dating back two years prior to this research, raising significant privacy concerns and regulatory implications, particularly under the European Union\u2019s (EU) General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA) in the US, or similar frameworks. This data leakage included thousands of unencrypted personal images uploaded by customers that were sensitive in nature and intended for AI-driven enhancement (Figure 6).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"fa96e2\" data-modal-title=\"Figure 6. Wondershare Repairit initial screen that provides its tools\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig6.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig6.png\" alt=\"Figure 6. Wondershare Repairit initial screen that provides its tools\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 6. Wondershare Repairit initial screen that provides its tools<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"40.450505780347\">\n<div readability=\"27.291907514451\">\n<p>Exposure of such data not only poses an immediate risk of regulatory fines, reputational damage, and loss of competitive advantage due to intellectual property theft, but at the same time allows threat actors to potentially launch a targeted attack against the company and its customers.<\/p>\n<h2><span class=\"body-subhead-title\">The supply chain issue: Manipulating AI models<\/span><\/h2>\n<p>When users interact with Wondershare Repairit, they are prompted via a pop-up to download AI models directly from the cloud storage bucket to enable local services (Figure 7). The binary is configured with the specific bucket address and the name of the AI model zip file to be downloaded (Figure 8).<\/p>\n<p>Perhaps even more concerning than the exposure of customer data alone is the potential for a sophisticated AI supply chain attack. Because the binary automatically retrieves and executes AI models from the unsecure cloud storage, attackers could modify these models or their configurations and infect users unknowingly (Figure 9), <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/silent-sabotage-weaponizing-ai-models-in-exposed-containers\">as in other cases we covered before<\/a>.<\/p>\n<p>This opens the door for various attack execution scenarios, in which malicious actors could:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Replace legitimate AI models or configuration files within the cloud storage.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Modify software executables and launch supply chain attacks against its customers.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Compromise models to execute arbitrary code, establish persistent backdoors, or exfiltrate more customer information silently.<\/span><\/li>\n<\/ul><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"3544a0\" data-modal-title=\"Figure 7. Wondershare Repairit pop-up asking the user to download the AI models from the compromised bucket for running the services locally\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig7.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig7.png\" alt=\"Figure 7. Wondershare Repairit pop-up asking the user to download the AI models from the compromised bucket for running the services locally\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 7. Wondershare Repairit pop-up asking the user to download the AI models from the compromised bucket for running the services locally<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"26a6ae\" data-modal-title=\"Figure 8. Bucket address and AI model zip name from the bucket to be downloaded by the binary\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig8.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig8.png\" alt=\"Figure 8. Bucket address and AI model zip name from the bucket to be downloaded by the binary\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 8. Bucket address and AI model zip name from the bucket to be downloaded by the binary<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"09d66c\" data-modal-title=\"Figure 9. Attack flow in which an attacker finds the bucket credentials and replaces the contents with malicious files and AI models\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig9.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig9.png\" alt=\"Figure 9. Attack flow in which an attacker finds the bucket credentials and replaces the contents with malicious files and AI models\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 9. Attack flow in which an attacker finds the bucket credentials and replaces the contents with malicious files and AI models<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"32.801292407108\">\n<div readability=\"15.489499192246\">\n<h3><span class=\"body-subhead-title\">Real-world impact and severity<\/span><\/h3>\n<p>The severity of such a scenario cannot be overstated, as a supply chain attack of this nature could impact a large number of users worldwide, delivering malicious payloads through legitimate vendor-signed binaries.<\/p>\n<h3><span class=\"body-subhead-title\">Historical precedent and lessons<\/span><\/h3>\n<p>Incidents such as <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/20\/l\/overview-of-recent-sunburst-targeted-attacks.html\">the SolarWinds Orion attack<\/a> or <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/19\/d\/analyzing-c-c-runtime-library-code-tampering-in-software-supply-chain-attacks.html\">the ASUS ShadowHammer attack<\/a> illustrate the catastrophic potential of compromised binaries delivered through legitimate supply chain channels. This scenario with Wondershare RepairIt reflects the same risks, amplified by widespread reliance on AI models executed locally (Figures 10 and 11).<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"83da2a\" data-modal-title=\"Figure 10. AI models from the compromised bucket saved locally\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig10.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/i\/ai-app-supply-chain-risk\/Fig10.png\" alt=\"Figure 10. AI models from the compromised bucket saved locally\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 10. AI models from the compromised bucket saved locally<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"45.703025814642\">\n<div readability=\"37.34870926788\">\n<h2><span class=\"body-subhead-title\">Broader implications: Beyond data breaches and AI attacks<\/span><\/h2>\n<p>Apart from direct customer data exposure and AI model manipulation, several additional critical implications emerge:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><b>Intellectual property theft. <\/b>Competitors gaining access to proprietary models and source code could reverse-engineer advanced algorithms, significantly harming the company\u2019s market leadership and economic advantage.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Regulatory and legal fallout. <\/b>Under GDPR and similar privacy frameworks, exposed customer data could lead to immense fines, lawsuits, and mandatory disclosures, severely damaging trust and financial stability. A recent high-profile case illustrating these risks involved TikTok, which faced <a href=\"https:\/\/www.reuters.com\/sustainability\/boards-policy-regulation\/tiktok-fined-530-million-euros-by-eu-regulator-over-data-protection-2025-05-02\/\">a \u20ac530 million penalty<\/a> from the EU in May due to violations of data privacy regulations.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Erosion of consumer trust. <\/b>Security breaches erode consumer confidence dramatically. Trust is hard-earned but easily lost, potentially leading to widespread customer abandonment and substantial long-term economic impact.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Vendor liability and insurance implications. <\/b>The financial and operational liability of such breaches extends beyond direct penalties. Insurance claims, loss of vendor agreements, and subsequent vendor blacklisting significantly compound financial damages.<\/span><\/li>\n<\/ul>\n<h2><span class=\"body-subhead-title\">Conclusion<\/span><\/h2>\n<p>The need for constant innovations fuels an organization\u2019s rush to get new features to market and maintain competitiveness, but they might not foresee the new, unknown ways these features could be used or how their functionality may change in the future. This explains how important security implications may be overlooked. That is why it is crucial to implement a strong security process throughout one\u2019s organization, including the CD\/CI pipeline.<\/p>\n<p>Transparency regarding data usage and processing practices is imperative not only to maintain user trust in AI-powered solutions, but to comply with an evolving regulatory landscape. Companies must bridge the gap between policy and practice by ensuring that their actual operations align with published privacy statements. Continuous review and improvement of security protocols are essential to keep pace with evolving AI development and deployment risks. Only through disciplined governance and security-by-design principles can organizations safeguard both proprietary technologies and customer trust.<\/p>\n<h2><span class=\"body-subhead-title\">Security recommendations<\/span><\/h2>\n<p>Organizations can proactively prevent security issues like those discussed in this blog entry by leveraging the <a href=\"https:\/\/docs.trendmicro.com\/en-us\/documentation\/article\/trend-vision-one-artifact-scanner-cli#GUID-09957805-70E7-401F-A691-F587FCE2CB8B-y6v59__supportedArtifacts\">Artifact Scanner within Trend Vision One\u2122 Code Security<\/a>. This comprehensive scanning capability enables pre-runtime detection of vulnerabilities, malware, and secrets in artifacts \u2013 including container images, binary files, and source code \u2013 that empowers security teams to identify and remediate issues before they impact production environments.<\/p>\n<p>Adhering to established security best practices is essential for safeguarding software development environments, playing a critical role in preventing the types of serious attack scenarios described in this blog entry. To mitigate potential risks, defenders should apply security protocols such as:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><b>Implement fine-grained access token permissions.<\/b> This minimizes the risk of lateral movement and privilege escalation by ensuring each token is limited strictly to only necessary actions.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Split storage services per use case. <\/b>By assigning different storage services to specific functions or teams, organizations can better control access and limit the exposure of sensitive data if a particular service is compromised.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Separate customer data from the software supply chain. <\/b>Keeping customer data isolated from development tools and processes prevents unintended access or leaks, safeguarding personal and sensitive information from supply chain risks.<b><\/b><\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Monitor the usage of storage services and access tokens.<\/b> Regular monitoring helps quickly identify anomalies, potential breaches, and unauthorized access so that remediation can be done with minimal impact.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Incorporate DevSecOps standards into the CI\/CD pipeline when using cloud services within software products.<\/b> Integrating security checks and controls early in the development process ensures vulnerabilities are caught and mitigated before reaching production.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Provide secure code snippets and establish secure defaults to support developers and AI in building secure applications.<\/b> Making secure choices the default and providing vetted examples helps prevent the introduction of vulnerabilities due to oversight or lack of expertise.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><b>Follow security best practices throughout the development and deployment lifecycle.<\/b> This includes practices such as regular patching, vulnerability management, and foundational security hygiene to ensure ongoing protection.<\/span><\/li>\n<\/ul><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<section class=\"tag--list\">\n<p>Tags<\/p>\n<\/section>\n<p> <\/main> <\/article>\n<\/div>\n<\/div><\/div>\n<\/div>\n<p> <!-- \/* Core functionality javascripts, absolute URL to leverage Akamai CDN *\/ --> <!--For Modal-start--> <\/p>\n<p> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk<\/span> <\/p>\n<p> <!--For Modal-end--> <\/body> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/i\/ai-powered-app-exposes-user-data.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trend\u2122 Research\u2019s analysis of Wondershare RepairIt reveals how the AI-driven app exposed sensitive user data due to unsecure cloud storage practices and hardcoded credentials, creating risks of model tampering and supply chain attacks. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,10938,9509],"class_list":["post-59394","post","type-post","status-publish","format-standard","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-artificial-intelligence-ai","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-23T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks\",\"datePublished\":\"2025-09-23T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/\"},\"wordCount\":1994,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/wondershare-cover:Large?qlt=80\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Artificial Intelligence (AI)\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/\",\"name\":\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/wondershare-cover:Large?qlt=80\",\"datePublished\":\"2025-09-23T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#primaryimage\",\"url\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/wondershare-cover:Large?qlt=80\",\"contentUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/wondershare-cover:Large?qlt=80\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/","og_locale":"en_US","og_type":"article","og_title":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2025-09-23T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks","datePublished":"2025-09-23T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/"},"wordCount":1994,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Artificial Intelligence (AI)","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/","url":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/","name":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80","datePublished":"2025-09-23T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#primaryimage","url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80","contentUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/wondershare-cover:Large?qlt=80"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/ai-powered-app-exposes-user-data-creates-risk-of-supply-chain-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"AI-Powered App Exposes User Data, Creates Risk of Supply Chain Attacks"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/59394","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=59394"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/59394\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=59394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=59394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=59394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}