Catwatchful: Stealthy Android app steals thousands of credentials
The Android app Catwatchful, which claims to help parents monitor their kids, has suffered a big data breach—over 62,000 email addresses and passwords have been exposed.
What's more concerning is that the app secretly collects private info from devices and uploads it for remote access.
The leak also includes details of people using the app for shady surveillance.
Catwatchful acts like stalkerware
Catwatchful acts like stalkerware, grabbing things like call logs and photos from devices where it's installed (usually by sideloading).
Security researcher Eric Daigle found a vulnerability that let him access the entire user database.
The breach highlights just how far-reaching these apps can be—most users are in Mexico, Colombia, and India—and raises some serious questions about privacy and misuse.