Loading...
Loading...
Browse all stories on DeepNewz
Visit3 CocoaPods Vulnerabilities Expose 3 Million iOS and macOS Apps to Supply Chain Attacks
Jul 2, 2024, 03:45 PM
Millions of iOS and macOS applications were exposed to significant security risks due to three vulnerabilities in CocoaPods, a widely used open-source dependency manager. These flaws, present for about a decade, could have allowed attackers to execute supply chain attacks by injecting malicious code into 3 million apps. The vulnerabilities were caused by changes in how the package manager operates, which enabled anyone to claim ownership of orphaned packages and potentially execute remote code on the CocoaPods server. Security researchers have identified these critical flaws, and a patch was released last October to address the issues. Despite the patch, the long-term exposure has raised concerns about the security of Apple devices and the potential impact on millions of users.
View original story
0-5 vulnerabilities • 25%
6-10 vulnerabilities • 25%
11-15 vulnerabilities • 25%
More than 15 vulnerabilities • 25%
Less than 50 • 33%
50 to 100 • 33%
More than 100 • 33%
0 • 25%
1-5 • 25%
6-10 • 25%
More than 10 • 25%
Less than 10 • 25%
10 to 50 • 25%
51 to 100 • 25%
More than 100 • 25%
None • 25%
1 to 2 issues • 25%
3 to 4 issues • 25%
5 or more issues • 25%
0-10 • 25%
11-50 • 25%
51-100 • 25%
101+ • 25%
0-2 • 25%
3-5 • 25%
6-8 • 25%
More than 8 • 25%
Less than 100 • 25%
100 to 500 • 25%
501 to 1000 • 25%
More than 1000 • 25%
None • 33%
1-3 reports • 33%
More than 3 reports • 33%
0 • 25%
1 • 25%
2 • 25%
3 or more • 25%
0-2 • 25%
3-5 • 25%
6-8 • 25%
9 or more • 25%
Increase by more than 20% • 25%
Increase by less than 20% • 25%
No significant change • 25%
Decrease • 25%
$50-100 million • 25%
$10-50 million • 25%
Less than $10 million • 25%
More than $100 million • 25%