3 CocoaPods Vulnerabilities Expose 3 Million iOS and macOS Apps to Supply Chain Attacks
Jul 2, 2024, 03:45 PM
Millions of iOS and macOS applications were exposed to significant security risks due to three vulnerabilities in CocoaPods, a widely used open-source dependency manager. These flaws, present for about a decade, could have allowed attackers to execute supply chain attacks by injecting malicious code into 3 million apps. The vulnerabilities were caused by changes in how the package manager operates, which enabled anyone to claim ownership of orphaned packages and potentially execute remote code on the CocoaPods server. Security researchers have identified these critical flaws, and a patch was released last October to address the issues. Despite the patch, the long-term exposure has raised concerns about the security of Apple devices and the potential impact on millions of users.
Markets
Yes • 50%
No • 50%
Official CocoaPods security update announcements
Yes • 50%
No • 50%
Official Apple security updates and announcements
Yes • 50%
No • 50%
Official breach reports from major iOS or macOS applications
$50-100 million • 25%
$10-50 million • 25%
Less than $10 million • 25%
More than $100 million • 25%
Financial reports and news releases on security breach costs
More than 10 • 25%
0 • 25%
1-5 • 25%
6-10 • 25%
Publicly reported security incidents from affected apps
0 • 25%
1-3 • 25%
4-6 • 25%
More than 6 • 25%
Security research publications and official CocoaPods announcements