Bumble has patched a vulnerability that made it possible for an attacker to pinpoint the precise location of other users.
A security researcher has discovered a vulnerability in the popular dating app Bumble that could have allowed an attacker to pinpoint the precise location of other users of the service. Robert Heaton, who works as a software engineer at the payments company Stripe, discovered the vulnerability in the dating app and then proceeded to develop and execute a ‘trilateration’ attack to test his findings which he’s detailed in a new blog post. If the vulnerability discovered by Heaton were to be exploited by an attacker, they could use Bubmle’s app and service to discover a victims home address as well as track their movements in the real world to some degree.
