Collections of pre-written sections of code that developers can use to add functionality to their apps without having to write it from scratch.
Libraries can contain hidden malware and other vulnerabilities that hackers can exploit to attack apps. Attacks via libraries are sometimes referred to as supply chain attacks.
Developers use libraries like Retrofit for networking in Android apps to simplify API integration.
Are app libraries vulnerable to attacks?
Yes. A compromised library is an example of a type of supply chain attack.
