Many users of Chinese keyboard apps on smartphones are at risk of having their personal information exposed due to serious encryption vulnerabilities.

Researchers recently discovered serious cryptographic vulnerabilities in cloud-based pinyin input software from eight companies. While there is no evidence that the vulnerabilities are being exploited, a series of previous incidents make this a potentially serious issue.

The vulnerability could allow hackers to spy on everything a user types, including passwords, messages, and financial information. Affected apps include Baidu Pinyin, Tencent QQ Pinyin, iFlytek IME, Samsung Keyboard, Xiaomi (which uses keyboards from Baidu, iFlytek, and Sogou), OPPO, Vivo, and Honor.

However, iOS and Huawei apps are said to be safe from this vulnerability.

According to the researchers, attackers can exploit these vulnerabilities to steal user data with ease. They can use the stolen information to commit fraud, identity theft, and other cyberattacks.

This is not the first time Chinese keyboard apps have been found to have security flaws. In 2018, researchers discovered that several popular keyboard apps were collecting user data without their consent. This data was then sold to data brokers and used for advertising purposes.

Here are some tips to protect yourself from security vulnerabilities in virtual keyboard apps:

• Update your keyboard app to the latest version immediately.
  
• Use strong and unique passwords for each account.
  
• Be careful when visiting untrusted websites and links.
  
• Turn off data sharing in your keyboard app settings.