'Almost every Apple device' vulnerable to CocoaPods supply chain attack
-
CocoaPods, an open-source dependency manager used in over three million applications coded in Swift and Objective-C, left thousands of packages exposed and ready for takeover for nearly a decade – thereby creating opportunities for supply chain attacks on iOS and macOS apps, according to security researchers.
You're using the dependencies wrong (or something like that)
At least a bit of good news, "EVA's researchers wrote that they haven't seen evidence of this mess having been exploited." Of course, with so many targets, I can't imagine they've looked at all of them to see if they're being attacked.
-
CocoaPods, an open-source dependency manager used in over three million applications coded in Swift and Objective-C, left thousands of packages exposed and ready for takeover for nearly a decade – thereby creating opportunities for supply chain attacks on iOS and macOS apps, according to security researchers.
You're using the dependencies wrong (or something like that)
At least a bit of good news, "EVA's researchers wrote that they haven't seen evidence of this mess having been exploited." Of course, with so many targets, I can't imagine they've looked at all of them to see if they're being attacked.
And another one to Apple is safe as in Linux is safe.
M.D.V. ;) If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about? Help me to understand what I'm saying, and I'll explain it better to you Rating helpful answers is nice, but saying thanks can be even nicer.