Security experts at Duo Security have discovered a flaw in the implementation of PayPal’s two-factor authentication mechanism. The vulnerability is in the PayPal Security Key which sends a one-time code to enter after typing users credentials. PayPal is aware of the security issue since March and it has already provided a temporary fix, but the company hasnt yet planned the release of a full patch. Duo Security has anticipated that the flaw will be definitively fixed on July 28ththth.”]
Source: https://securityaffairs.co/wordpress/26105/hacking/paypal-two-factor-authentication-flaw.html