CloudSEK Logo
December 22, 2022

Hardcoded API Keys of Email Marketing Services Puts 54M+ Mobile App Users at Risk

CloudSEK’s  BeVigil, the world’s first security search engine for mobile apps, uncovered about  50% of the analyzed (600) apps, leaking API keys of three popular transactional and marketing email service providers; Mailgun, MailChimp, and Sendgrid. Transactional email services reduce developer time, improve deliverability and reduce support issues.

Together these three email service providers command a sizable market share of the global individual and retail population.

Authors & Contributors

Vishal Singh
As a Vulnerability Research Engineer at CloudSEK, Vishal conducts penetration tests on client-side assets and reports discovered vulnerabilities.
Bablu Kumar
Bablu is a technology writer and an analyst with a strong focus on all things cybersecurity
Downloadable Report

Download the Report

Download the report by clicking below.
The Download will start immediately.

Join our newsletter

Sign up so that you don't miss any updates from us