This may shock you but Adobe is shipping insecure software
Found on The Register on Saturday, 09 November 2019
It has been revealed that Adobe's Experience Platform mobile SDKs, used to create apps that interact with the company's cloud services, until recently contained sample configuration files that created insecure default settings.
Developers creating apps that utilize those files as templates or examples could find that their apps have been sending data over the network without SSL protection, making it vulnerable to interception and alteration.
Now that Flash is pretty much dead, the bugs move on inside Adobe.