Application security , Data Security , Government security Analysis reveals concerning features in official White House app May 8, 2026 Share By SC Staff (Adobe Stock) According to Tech Radar, an analysis of the official White House app for Android has uncovered several concerning features that raise privacy and security questions. A security researcher known as Thereallo has found that the app can inject code into third-party websites, effectively hiding cookie consent banners, GDPR notices, and paywalls. This capability prevents users from exercising their privacy rights and bypasses content restrictions. The app also possesses the ability to track precise GPS location data every 4.5 minutes when active and every 9.5 minutes in the background, with the potential to be activated by a command. User data, including location and interaction history, is sent to non-governmental infrastructure via the OneSignal SDK. Furthermore, the app pulls code from unsecured sources, including a random GitHub account for embedding videos, which could be exploited to serve malicious content, Thereallo said. The app also lacks certificate pinning and adequate security for third-party code, raising concerns about its overall security posture and the potential for invasive user profiling. Source: Tech Radar SC Staff Related AI/ML The vulnerability flood is here. Patching won’t save you. Ariel Parnes May 8, 2026 AI-driven vulnerability discovery is outpacing patch cycles, forcing defenders to prioritize detection. Cloud Security The hidden risk in hybrid IT: Fragmented vulnerability management Srikant Sreenivasan May 7, 2026 Hybrid IT and AI expand attack surfaces, making continuous, context-aware risk management essential. Identity Most security pros say managing identity has become a major challenge Steve Zurier May 6, 2026 Nearly 9 in 10 security leaders struggle with identity sprawl as AI and NHIs expose governance gaps. Related Events Cybercast CISO Stories: AI Security (Blackhat Preview) – Arctic Wolf Thu Jul 9 Cybercast Protecting Application User Data for Better Privacy, Governance, and Compliance On-Demand Event Cybercast The Next Evolution of Application Security: AI- Accelerated DevSecOps On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Block Cipher Browser Ciphertext Common Gateway Interface (CGI) Cryptographic Algorithm or Hash Cyclic Redundancy Check (CRC) DLL Injection Data Encryption Standard (DES) Diffie-Hellman Digital Signature Algorithm (DSA) You can skip this ad in 5 seconds