A vulnerability in the iOS money-transfer app Venmo allowed anyone who managed to get access to a locked iPhone for as little as two minutes to empty the account, stealing as much as the weekly limit of $2999.99.
TNW reports that the flaw was discovered by a SalesForce security engineer Martin Vigo, who notified Venmo and waited until the loophole had been closed before demonstrating the method …
more…Filed under: Apple
