Security News > 2023 > October > Apple Vulnerability Can Expose iOS and macOS Passwords, Safari Browsing History
The vulnerability, which the researchers named iLeakage, enables threat actors to read Gmail messages, reveal passwords and uncover other personal information.
The iLeakage vulnerability has not yet been exploited in the wild as of October 27.
ILeakage is important to know about because of its novel approach and because the number of devices potentially open to exploitation through iLeakage is so high.
Apple has enabled a mitigation for iLeakage in macOS Ventura 13.0 and newer releases, but it takes some work to find it.
To activate the mitigation, follow the instructions posted on the iLeakage site under "How can I defend against iLeakage?" to access Safari's debugging menu.
iLeakage can be hard to trace because it doesn't appear in the system's log files, the researchers said; instead, iLeakage resides entirely within Safari.
News URL
https://www.techrepublic.com/article/apple-ios-ileakage/
Related news
- Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (source)
- How to customize Safari for private browsing on iOS (source)
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- How to secure Notes on iOS and macOS (source)
- Global Pressure Mounts for Apple as Brazilian Court Demands iOS Sideloading Within 90 Days (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Cisco IOS XR vulnerability lets attackers crash BGP on routers (source)