The White House App Is Riddled with Cybersecurity Vulnerabilities (notus.org)

Cybersecurity researchers and app analysts say the White House’s newly launched “White House App” collects and shares user data—such as IP addresses and time zones—with third-party services without clearly disclosing the extent of that sharing in the app’s store privacy information. They also point to issues involving third-party components like Elfsight widgets and push-notification vendor OneSignal, arguing the disclosures and security approach appear insufficient for a federal app. The White House says the Elfsight vulnerability was reviewed and approved and claims users’ data is safe, while lawmakers and some experts call for stricter standards and faster fixes.