The security vulnerability, which appeared in older versions of its application, could have allowed a bad actor to steal closed source code and possibly inject their own code into Blockfolio’s Github repository and, from there, into the app itself.
Source: https://www.coindesk.com/blockfolio-quietly-patches-years-old-security-hole-that-exposed-source-code
