Apple Passwords was open to targeted phishing attacks, before patch
From iOS 18 when the Passwords app debuted to the iOS 18.2 update, users could have exposed passwords to a bad actor on a privileged network, but you’re likely safe.
Apple released iOS 18 in September 2024 with the new Passwords app, but it relied on the less secure HTTP protocol, not HTTPS, when opening links or fetching icons. This meant a bad actor on a privileged network could intercept the HTTP request and redirect users to a fake website and harvest the login.
Security research company Mysk uncovered this issue and reported it to Apple in September, and the Passwords app was patched in December with iOS 18.2. That means the vulnerability was live in the wild for those three months and continued to be for anyone running a release prior to iOS 18.2.
Continue Reading on AppleInsider | Discuss on our Forums
Source: AppleInsider News
Recent Posts
Here’s The Guitar Riff MIKE MCCREADY Couldn’t Sell To The Prince Of Darkness: “OZZY Just Wasn’t Into It”
"I should've probably done a really good job of recording it." The post Here's The…
What Tariffs Really Mean For BMW Prices and How the Brand Might Move Forward
It’s in the news no matter where you look: tariffs are (again) officially coming to…
M4 MacBook Air missed out on one of Apple’s latest hardware trends
In the past year, Apple has had an interesting trend across its new hardware releases:…
LORDI’s MR. LORDI Sounds Off On The Current Music Industry: “Digitalization Is The Root Of All Evil”
"And I refuse to be part of that. I have to be, but in my…
Ryan Coogler Wants Denzel for Black Panther 3 As Much as You Do
Whenever Marvel gets around to the next solo Black Panther movie, Coogler wants the acting…
These iPad accessories give you 98% of the experience for a quarter of the price
As someone who has used their iPad Pro as their main computer for about seven…