Explore two critical security vulnerabilities in Android applications disclosed on HackerOne that led to stolen authentication tokens. Learn about the process of identifying these vulnerabilities through SAST tools and threat modeling, and discover how the open-source library 'safe to run' could have prevented both issues. Gain insights from Daniel Llewellyn, Head of Engineering at xDesign, as he shares his expertise in mobile security, particularly focusing on Android security and his management of the open-source security project 'safetorun'.