Fraudsters have started to raid user accounts by beating strong two-factor authentication methods with Trojan-based, man-in-the-browser attacks. The BLURtooth flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0. The popular video-sharing apps s use of HTTP to download media content instead of a secure protocol could lead to the spread of misinformation on the platform.
Source: https://threatpost.com/strong-authentication-has-been-weakened-121409/73252/