TikTok vulnerability allowed hackers to send SMS with malware