News Post

Hackers can force iOS and macOS browsers to divulge passwords and a whole lot more

ArstechnicaArstechnica · 1y
Hackers can force iOS and macOS browsers to divulge passwords and a whole lot more

Researchers have discovered a side channel vulnerability in the A- and M-series CPUs used in modern iOS and macOS devices, which can be exploited to obtain passwords and sensitive information from Apple's Safari browser. The attack, known as iLeakage, requires reverse-engineering of Apple hardware and expertise in side-channel vulnerabilities. It leverages speculative execution, a performance enhancement feature found in modern CPUs, to recover secrets from targeted systems. The researchers implemented iLeakage as a website that opens a separate page to steal information when visited by a vulnerable device. Apple is aware of the vulnerability and plans to address it in a future software release.

Comments

Download the medial app to read full posts, comements and news.