(December 11 10:52) SG Hardware Zone
The security flaw affecting an API which was accessed by many developers, went unnoticed since 2015 and Google only closed it in March 2018. The company did not report it until now.
You can find the original article
here