If a backdoor to these apps existed, then this so called security company would be selling this to law enforcement in secret, rather than making a zero day attack public like this. Maybe the opposite is true. They can't break into these apps, and they are trying to make the devs 2nd guess themselves, in hopes they do introduce a vulnerability.