Security News > 2024 > July > Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
2024-07-01 16:12
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and
News URL
https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html
Related news
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Ultralytics Supply-Chain Attack (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)