OtterSec researchers discovered critical vulnerabilities in React Native WebView and similar mobile wallet libraries. Missing origin isolation allows malicious dApps to access camera, GPS, and other permissions without user consent, affecting over 20 production wallets across the ecosystem.



























