The maker of the Catwatchful covert surveillance app accidentally leaked sensitive data, including email addresses and passwords, for 62,000 users.
A security flaw due to a SQL injection vulnerability allowed a researcher to access and download the private information of users.
The app is marketed as being stealthy and secure, intended for parental control, but concerns have been raised about its potential misuse for clandestine activities.
Google has enhanced its security measures to detect the Catwatchful spyware on Android devices, and actions are being taken by web hosts to address concerns related to the app.