🚨 Ledger Donjon disclosed a critical flaw in Tangem’s Android app, where fake cards could pass as genuine by spoofing public keys and IDs. The issue? Improper attestation checks. (Patched in v5.18.3). covers the bug, the fix, and its security implications in BR097.