“Super secure” messaging app leaks everyone's phone number

Freedom Chat, a "super secure" messaging app launched as a rebrand of the failed Converso app, has been found to leak every user's phone number and security PIN to other users. Security researchers discovered that the app's contact discovery feature allows anyone to enumerate all registered phone numbers without rate limiting, identical to a vulnerability recently found in WhatsApp. The app also broadcasts users' security PINs to all members of public channels, and by combining these flaws, attackers can match phone numbers to PINs, completely defeating the security feature.