1Password warns Mac users on versions before 8.10.36 of a bug allowing attackers to steal vault items through targeted software installations, affecting both individual consumers and thousands of businesses.
Exploiting CVE-2024-42219 demands malicious software on a Mac, leveraging 1Password's vulnerabilities in inter-process validation and XPC interface, potentially allowing exfiltration of vault items and critical sign-in values.
[
Collection
]
[
|
...
]