Be vigilant against foreign organizations using malicious SDKs to collect sensitive information, national security agencies warn.

The state security department reminds that SDK is a set of development tools provided for specific software frameworks, hardware platforms, or operating systems. It is like a "treasure chest" that intimately provides software developers with the semi-finished products, tools, and instructions needed to build applications, greatly improving work efficiency. However, convenient SDKs may also pose a risk of information leakage. Overseas organizations may embed malicious SDKs into various applications to illegally collect sensitive information and remotely transmit it to overseas servers. This behavior not only seriously violates the personal privacy of citizens but also may lead to overseas control of key information such as user profiles and industry data, thereby posing a real threat to our national security.