Critical vulnerabilities left millions of Apple devices at the mercy of hackers - and nobody noticed for nearly a decade
Briefly

from ITPro3 months ago
Virtually every single Apple device faced vulnerabilities through CocoaPods, with unclaimed pods susceptible to arbitrary code execution, posing risks of supply chain attacks.
ITProhttps://www.itpro.com/security/critical-vulnerabilities-left-millions-of-apple-devices-at-the-mercy-of-hackers-and-nobody-noticed-for-nearly-a-decade
CVE-2024-38368 allowed attackers to claim unclaimed pods by removing the original owners, while CVE-2024-38367 exploited authentication loopholes for full CocoaPods trunk account control.
ITProhttps://www.itpro.com/security/critical-vulnerabilities-left-millions-of-apple-devices-at-the-mercy-of-hackers-and-nobody-noticed-for-nearly-a-decade
Read at ITPro
#apple-devices #vulnerabilities #cocoapods #supply-chain-attacks #authentication-flaws
[
]
[
|
]