By transmitting a CURL request, attackers could easily claim ownership of unclaimed Pods in CocoaPods and insert malicious code, potentially affecting millions of apps on iOS and macOS.
EVA's researchers found the security flaw incidentally during a red team exercise for a client, raising concerns about potential exploitation even though there is no evidence of it at present.
[
Collection
]
[
|
...
]