Apple has recently resolved a security flaw in its iOS 18.2 Passwords app, which lasted for three months following the release of iOS 18. The bug allowed unencrypted transmission of requests for website logos, making users vulnerable to phishing attacks, particularly on public Wi-Fi networks. Attackers could intercept these requests to redirect users to fake sites and steal their login details. Initially reported by security firm Mysk, Apple has also addressed this issue across other devices like Mac, iPad, and Vision Pro.
Apple has patched a significant bug in iOS 18.2's Passwords app that exposed users to phishing risks by sending unencrypted requests for website logos, allowing attackers to exploit the vulnerability.
The vulnerability, present from the launch of iOS 18, allowed attackers on the same network to redirect users to phishing sites, risking login credential theft.
Collection
[
|
...
]