Mastodon Feed
Reblogged by nadim@infosec.exchange ("Nadim Kobeissi"):
mysk ("Mysk🇨🇦🇩🇪") wrote:
Since iOS 18 launched, the new Passwords app has been using unencrypted HTTP to download icons for password entries—a serious #security risk. We reported this bug to #Apple in September, and it’s finally fixed in #iOS 18.2 (CVE-2024-54492).
The bug also impacts iPadOS and #macOS
Why does this matter? Watch 🎬 :
#cybersecurity #privacy #infosec