10-Year-Old Open Source Flaw Could Affect 'Almost Every Apple Device'

This seems like one of those software supply chain bugs that's going to take a very long time to eradicate.

Some of the most widely used web and social media applications could be vulnerable to three newly discovered CocoaPods vulnerabilities — including potentially millions of Apple devices, [according to a report by The Cyber Express](https://thecyberexpress.com/cocoapods-vulnerabilities-apple-facebook/), the news service of threat intelligence vendor Cyble Inc.

E.V.A Information Security researchers [reported](https://evasec.webflow.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods) three vulnerabilities in the open source CocoaPods dependency manager …

amazon apple appletv applications bugs code cybersecurity device facebook flaw found linkedin meta microsoft netflix okta old open source researchers safari snapchat software software supply chain supply supply chain teams tiktok vulnerable whatsapp xcode yahoo