Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
EU’s Digital Age App Vulnerable to Quick Hacking

EU’s Digital Age App Vulnerable to Quick Hacking

Posted on April 17, 2026 By CWS

The European Commission’s latest Digital Age Verification App, designed to protect young users from inappropriate online content, has been swiftly compromised. Security expert Paul Moore, based in the UK, demonstrated a complete bypass of the app’s authentication process in less than two minutes following its release on April 14, 2026.

Security Flaws in App Design

When users set up the app, they are required to create a personal identification number (PIN). This PIN is encrypted and stored on the user’s device in a file called shared_prefs. However, researchers identified two significant design flaws. The PIN encryption is not linked to the identity vault containing the user’s verification credentials, and the encryption method used does not effectively protect against tampering.

An attacker with physical access to a device can manipulate this by removing the PinEnc and PinIV values from the shared_prefs file. After restarting the app, they can set a new PIN, subsequently gaining access to the original user’s verified credentials without raising alarms.

Additional Vulnerabilities Discovered

In addition to the PIN issue, researchers found two more security weaknesses within the same file. The app’s brute-force protection, intended to limit incorrect PIN attempts, is merely an incrementing counter in shared_prefs. An attacker can reset this counter, allowing limitless PIN guesses without any lockout.

Furthermore, the app’s biometric authentication can be bypassed by altering a boolean flag named UseBiometricAuth. By setting this flag to false, attackers can entirely skip the biometric verification step, eliminating an important layer of security.

Implications and Official Response

Experts have labeled these vulnerabilities as severe design failures rather than isolated incidents. The app is intended as a prototype within the broader European Digital Identity Wallet framework, highlighting the significance of these security concerns for essential national infrastructures.

Critics also pointed out another flaw discovered in March 2026, where the app failed to confirm whether passport validation happened on the user’s device. Moore addressed EU Commission President Ursula von der Leyen, cautioning that without intervention, the app could lead to substantial data breaches.

Despite these revelations, as of April 17, 2026, the European Commission has not released an official fix or response to these vulnerabilities. Meanwhile, countries like France, Spain, and Denmark continue testing the app in pilot phases.

For ongoing updates on cybersecurity and more information, follow us on Google News, LinkedIn, and X. Contact us to share your insights and stories.

Cyber Security News Tags:age verification, app security, biometric authentication, Cybersecurity, digital identity, Encryption, EU, Hacking, security flaws, Technology

Post navigation

Previous Post: Apache ActiveMQ Vulnerability Exploited, Urgent Fix Advised
Next Post: Cybercriminals Exploit Digital Channels to Hijack Cargo

Related Posts

Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day Cyber Security News
Cyber Group Claims Massive Data Breach at Odido Cyber Group Claims Massive Data Breach at Odido Cyber Security News
Darkhub: A Dark Web Hub for Cryptocurrency Fraud Darkhub: A Dark Web Hub for Cryptocurrency Fraud Cyber Security News
How to Solve Alert Overload in Your SOC How to Solve Alert Overload in Your SOC Cyber Security News
New LOSTKEYS Malware Linked to Russia State-Sponsored Hacker Group COLDRIVER New LOSTKEYS Malware Linked to Russia State-Sponsored Hacker Group COLDRIVER Cyber Security News
Microsoft Issues Urgent Patch for Windows 11 Security Flaws Microsoft Issues Urgent Patch for Windows 11 Security Flaws Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • Cyberattack Hits Nichirei, Disrupts Operations
  • Risk Ledger Secures $32M in Series B Funding
  • CISA Alerts on Critical Fortinet Vulnerabilities
  • New SharePoint Security Gap Exploited After Disclosure
  • CISA Highlights Exploited SharePoint Vulnerability

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • Cyberattack Hits Nichirei, Disrupts Operations
  • Risk Ledger Secures $32M in Series B Funding
  • CISA Alerts on Critical Fortinet Vulnerabilities
  • New SharePoint Security Gap Exploited After Disclosure
  • CISA Highlights Exploited SharePoint Vulnerability

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark