A security researcher discovered significant vulnerabilities in Volkswagen's mobile app, which potentially allowed unauthorized access to personal and vehicle information. The flaws included exposure of sensitive data through API endpoints, enabling malicious actors to gain control over vehicles and access private customer details. After reporting the issues to Volkswagen, the researcher helped facilitate the necessary security fixes.