Security News > 2023 > October > Apple Vulnerability Can Expose iOS and macOS Passwords, Safari Browsing History
The vulnerability, which the researchers named iLeakage, enables threat actors to read Gmail messages, reveal passwords and uncover other personal information.
The iLeakage vulnerability has not yet been exploited in the wild as of October 27.
ILeakage is important to know about because of its novel approach and because the number of devices potentially open to exploitation through iLeakage is so high.
Apple has enabled a mitigation for iLeakage in macOS Ventura 13.0 and newer releases, but it takes some work to find it.
To activate the mitigation, follow the instructions posted on the iLeakage site under "How can I defend against iLeakage?" to access Safari's debugging menu.
iLeakage can be hard to trace because it doesn't appear in the system's log files, the researchers said; instead, iLeakage resides entirely within Safari.
News URL
https://www.techrepublic.com/article/apple-ios-ileakage/
Related news
- Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon (source)
- How to customize Safari for private browsing on iOS (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- How to secure Notes on iOS and macOS (source)