UC Browser and UC Browser Mini Android applications expose users to MiTM attacks by downloading and installing extra modules from their own servers using unprotected channels and bypassing Google Play’s servers. UC Browser communicates with a remote host via an unprotected HTTP channel. The update feature present in UC Browser can also be used by would-be attackers to perform man-in-the-middle attacks (MitM) attacks, potentially leading to remote code execution on compromised devices. The UC Browser for desktop app is also vulnerable to MitM attacks which could allow bad actors to download malicious extensions.
Source: https://www.bleepingcomputer.com/news/security/uc-browser-for-android-desktop-exposes-500-million-users-to-mitm-attacks/