PANews reported on April 10th that, according to a warning from GoPlus, a serious security vulnerability has been discovered in the EngageLab SDK (an Android SDK widely used for push notifications), affecting over 50 million Android users, including approximately 30 million cryptocurrency wallet users. Attackers can install a malicious app masquerading as a legitimate application on compromised devices, sending malicious intents to other applications integrating the EngageLab SDK. This can lead to unauthorized access, theft of private keys, and login credentials. GoPlus recommends that developers and app vendors upgrade the SDK to version 4.5.5 or higher with the patch patch, and that ordinary users immediately update relevant Android applications, especially cryptocurrency wallets and financial apps.