Apple’s Passwords App Had a Security Flaw That Expeded Users to Phishing Attacks for Three Months

Apple’s Passwords App Had a Security Flaw That Expeded Users to Phishing Attacks for Three Months

Apple Released a dedicated passwords app last year, as part of the iOS 18 software update. Intead of a menu inside the settings app, users can access their passwords and other details via a standalone app.

However, the passwords app had a serial security flw that exposed users to potential phishing attacks from attackers who were on the same wi-file. The company recently disclosed that its security flw three months after iOS 18 was released.apple Fixed Passwords App Vulnerability with iOS 18.2 UpdateThe iPDATHE iPDATHE IPHONE MAKER MAKER MAKER MAKER Release Notes (Via 9to5Mac) for the iOS 18.2 update, which was released in December. The Document Now Includes Two Entries, Both Titled ‘Passwords’, that describe fixes for the app. Apple has credited Mysk Security Researchers Talal Haj Bakry and Tommy Mysk With Identifying The Security Vulnerability.according to the company’s updated Support Document, the PATCCH FORORON App on iOS 18.2 Fixed Two Flaws that Allowed A User in a PrivileGed Network Position to Leak Sensitive Information, and Alter Network Traffic. The Mysk Researchers Discovered that Apple’s Passwords App Wasn’T Using Encrypted Connections (https) when fetching details of specific sites, wash as site icons. Similarly, Password Reset Pages Were Loaded Over http.The Same Flaw Delhi Allow An Attacker on the same wi-fi network to intercept the network request, and detish to load a Phishing weight Instead of the legitimate one. If the user trusts the webpage, they might enter their credentials on the fraudulent website.The cybersecurity firm reported the issue to apple in September, and Apple’s revised Suple’s Revise Revise Rolded out fixes for the issue with iOS 18.2 in December. Eligible iPhone and iPad Models that are running on iOS 18.2 and iPados 18.2 or newer versions should not be vulnerable to the flw. 6

Credit-Read More

// Function to fetch the latest posts
function fetchLatestPosts() {
const feedUrl = ‘https://newskiosk.pro/feed/’; // Replace with your blog’s RSS feed URL
fetch(feedUrl)
.then(response => response.text())
.then(str => new window.DOMParser().parseFromString(str, “text/xml”))
.then(data => {
const items = Array.from(data.querySelectorAll(“item”));
const latestPostsContainer = document.getElementById(“latest-posts”);
latestPostsContainer.innerHTML = ”; // Clear previous posts

// Shuffle the items array
const shuffledItems = items.sort(() => Math.random() – 0.5);

// Select the first 5 items from the shuffled array
const selectedItems = shuffledItems.slice(0, 5);

// Loop through the selected items and display them
selectedItems.forEach(post => {
const link = post.querySelector(“link”).textContent;
const description = post.querySelector(“description”).textContent;

// Create a new post element
const postElement = document.createElement(“div”);
postElement.classList.add(“latest-post”);
postElement.innerHTML = `

${description} Read more

`;

// Append the new post element to the container
latestPostsContainer.appendChild(postElement);
});
})
.catch(error => console.error(‘Error fetching the latest posts:’, error));
}

// Call the function to fetch and display the latest posts
fetchLatestPosts();