NewApp Digest
search bot

Messenger

Security researchers find 213 vulnerabilities in Russia’s state-backed messaging app Max
AppWizard
April 11, 2026

Security researchers find 213 vulnerabilities in Russia’s state-backed messaging app Max

Security researchers discovered 213 vulnerabilities in Max, Russia's state-backed messaging app, during a bug bounty initiative. This information was shared by Alexei Batyuk, CTO of Positive Technologies, at the Svyaz-2026 exhibition. The bug bounty program has been active since July 1, 2025, resulting in 288 accepted vulnerability reports and total payouts of nearly 22 million rubles. Common vulnerabilities could allow unauthorized access to user data through the manipulation of object identifiers. Max's press service claimed that user data is "reliably protected" and emphasized the importance of independent white-hat hackers in identifying vulnerabilities. Max was launched by VK in March 2025 and is being promoted by Russian authorities amid efforts to block other messaging platforms like Telegram and WhatsApp. The app has faced criticisms regarding user surveillance and security vulnerabilities.
Privacy Messenger Session Is Staring Down a 90-Day Countdown to Obscurity
AppWizard
April 10, 2026

Privacy Messenger Session Is Staring Down a 90-Day Countdown to Obscurity

The messaging app Session, which prioritizes user privacy and offers end-to-end encryption without requiring personal information for registration, is facing potential closure and has issued a call for support. The Session Technology Foundation (STF) has received funding to support operations for 90 days but will rely on volunteers after all paid staff have been let go. Development activities have paused due to insufficient funding, affecting the introduction of new features and the resolution of existing bugs. The STF has stated that it needs million to complete ongoing projects and introduce a subscription model to achieve self-sustainability. As of now, 0,000 has been raised towards this goal. Users can contribute at getsession.org/donate.
Kazakhstan Considers National Messaging App Aitu for Insurance Companies - The Times Of Central Asia
AppWizard
April 10, 2026

Kazakhstan Considers National Messaging App Aitu for Insurance Companies – The Times Of Central Asia

Kazakhstan’s Agency for Regulation and Development of the Financial Market is considering the domestic messaging platform Aitu for communication between insurance companies, non-bank financial institutions, and their clients. The regulator has encouraged market participants to assess Aitu as a communication tool aimed at enhancing personal data protection. Concerns have been raised about Aitu’s user base, functionality, integration costs, and the absence of clear regulatory guidelines for handling personal and financial data. The adoption of Aitu is not mandatory but is seen as a potential secure communication channel. Aitu’s infrastructure supports high data protection due to localized servers in Kazakhstan, which reduces risks of cross-border data issues. The platform features end-to-end encryption and biometric identification through Aitu Passport, aiming to enhance user verification and minimize phishing and identity theft risks. The agency noted that open APIs and business dashboards could allow financial institutions to integrate with Aitu cost-effectively. Additionally, government agencies and quasi-state companies have been encouraged to use Aitu for official communications.
Why Russia is looking to China’s WeChat model for its Max messenger
AppWizard
April 9, 2026

Why Russia is looking to China’s WeChat model for its Max messenger

Russia is developing the messaging app Max into a multifunctional "super app" inspired by Chinese platforms like WeChat and Douyin. The transformation aims to integrate messaging, payments, e-commerce, digital services, and content consumption into a single platform. The initiative is supported by the Russian government to enhance digital sovereignty and reduce reliance on foreign apps. Key features include a unified platform for services, payment systems, support for businesses, and content-driven commerce. However, Max faces challenges from established competitors, privacy concerns, and the need for a robust ecosystem. The success of Max could position it as a central hub for digital activity in Russia.
Bitchat Review: How Jack Dorsey’s Private Offline Messenger Works
AppWizard
April 9, 2026

Bitchat Review: How Jack Dorsey’s Private Offline Messenger Works

Bitchat employs the Noise Protocol Framework, specifically the XX pattern, for encrypted and authenticated communication. The Android version uses X25519 for key exchange and AES-256-GCM for message encryption. Bitchat operates without a central infrastructure, phone numbers, or traditional accounts, which reduces data collection and risks of censorship and surveillance. The app relies on Bluetooth connectivity, requiring physical proximity between users, which can enhance security but may lead to device identification. Metadata about nearby devices and connection instances may still be retained. Bitchat has not yet undergone a comprehensive external security audit, raising concerns despite its focus on privacy and encryption.
Conspiracy Theories Are Eclipsing the Real Dangers of Russia’s Messaging App Max
AppWizard
April 9, 2026

Conspiracy Theories Are Eclipsing the Real Dangers of Russia’s Messaging App Max

Russia's state-run messaging app, Max, allows authorities to monitor personal messages and calls extensively. Many Russians continue to use WhatsApp and Telegram, which are out of government reach. Following a WhatsApp ban, the government is considering restrictions on Telegram. Intelligence agencies have created bots on Telegram that can lead to legal consequences for users. The Max app offers complete surveillance of messages, photos, and calls without such provocations. Despite efforts to make Max appealing through features like age verification and integration with Gosuslugi, users are reluctant to switch from existing platforms. The government has attempted to position Max as the primary communication tool by potentially eliminating competitors, but Telegram's popularity remains a significant barrier. Recent decisions have eased restrictions on Telegram, and officials now emphasize that using Max is "optional." Some users, including officials, prefer to use Max on separate devices for security. Concerns about Max's geolocation capabilities and its access to other applications are often exaggerated, and the app has faced scrutiny regarding surveillance practices. Developers have reduced checks on VPN usage, but public distrust persists. Many users focus on the risks posed by Max while neglecting other security vulnerabilities. Effective risk mitigation requires a rational assessment of threats and increased digital literacy.
Apple pulls Jack Dorsey’s messaging app from the Chinese App Store
AppWizard
April 8, 2026

Apple pulls Jack Dorsey’s messaging app from the Chinese App Store

Apple has removed the messaging app Bitchat from the Chinese App Store at the request of the Cyberspace Administration of China (CAC), which cited regulatory concerns. Bitchat, originally launched as Bitchat Mesh and developed by Jack Dorsey, allows anonymous, peer-to-peer communication using Bluetooth-based mesh networking, without relying on internet-connected servers. The app gained popularity in regions with internet shutdowns and social media restrictions. The CAC has alleged that Bitchat violated regulations requiring security assessments for apps that can influence public opinion or mobilize users. Dorsey confirmed the removal on X but has not disclosed any plans for Bitchat's return to the App Store.
Search