Sunagawa Masanori

**Name of the Vulnerable Software and Affected Versions** NewsPicks App for Android versions 10.4.5 and earlier NewsPicks App for iOS versions 10.4.2 and earlier **Description** The issue is related to hard-coded credentials in the NewsPicks App, which may allow a local attacker to analyze data in the app and obtain an API key for an external service. **Recommendations** For NewsPicks App for Android versions 10.4.5 and earlier, update to a version later than 10.4.5 to resolve the issue. For NewsPicks App for iOS versions 10.4.2 and earlier, update to a version later than 10.4.2 to resolve the issue. As a temporary workaround, consider restricting access to sensitive data within the app until a patch is available.