Tumblr updates iOS app, fixes potential password security issue

Tumblr for iOS has been updated with an important security fix. According to Tumblr's blog post, there was an issue in the app that allowed for a user's password to be compromised in certain circumstances.

While Tumblr has not yet released the full details of the bug, iMore was able to independently confirm a security issue in version 3.4 of the Tumblr app with logging users in. Specifically, when a user logs in, the request containing their username and password is sent in plaintext over HTTP rather than being sent securely over HTTPS. This means that if a person logs in while on an unsecured wireless network, another person on that network could sniff their traffic and acquire their username and password. All users should update to version 3.4.1 which fixes the bug. Tumblr also encourages all users to change their Tumblr password in case it was compromised.

Tumblr isn't the first app to have a bug like this, but it is notable that they apparently fixed the bug immediately after learning about it.

We may earn a commission for purchases using our links. Learn more.

Review: Just slip a Bluebonnet case on your AirTag and go
Silicone simplicity

Review: Just slip a Bluebonnet case on your AirTag and go

Soft, stretchy, and bright blue, the Bluebonnet AirTag Case is a straightforward solution that keeps your AirTag safely attached to just about anything. It also displays both sides of the AirTag so your personalization shines through.