all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Add to bookmarks
July 1, 2024, 4:12 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks.
The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and

actor apps attacks claim critical customers dependency exploited expose flaws ios macos malicious manager ownership projects risks security security flaws software software supply chain software supply chain attacks stage supply supply chain supply chain attacks swift uncovered vulnerabilities

Visit resource

More from thehackernews.com / The Hacker News

The Emerging Role of AI in Open-Source Intelligence 14 hours ago | thehackernews.com
can digital director director of national intelligence +16
Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool 15 hours ago | thehackernews.com
called campaign canada capture +22
FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks 18 hours ago | thehackernews.com
as-a-service attacks distributed download +22
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks 21 hours ago | thehackernews.com
attack attack campaign campaign custom +17
South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware 21 hours ago | thehackernews.com
actor ahnlab asec attack +23
How MFA Failures are Fueling a 500% Surge in Ransomware Losses 1 day, 14 hours ago | thehackernews.com
cybersecurity cybersecurity threat failures global +14
New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data 1 day, 15 hours ago | thehackernews.com
alder lake attack channel cpu +21
Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny 1 day, 20 hours ago | thehackernews.com
ads competition consent decision +13
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware 1 day, 20 hours ago | thehackernews.com
ant attacker case china +31

Jobs in InfoSec / Cybersecurity

Find Talent

Principal Software Engineer

@ Mastercard | Pune, India
View on infosec-jobs.com

Sr Principal Analyst, Security Services, Emerging Technology and Trends

@ Gartner | Remote - India
View on infosec-jobs.com

Product owner B2B & CIAM

@ Philips | Best - QX
View on infosec-jobs.com

2024-2025: Information Technology – Information Security Intern

@ Chevron | Houston 1500 Louisiana Street
View on infosec-jobs.com

2024-2025: Information Technology – Information Security Intern (Previous Intern)

@ Chevron | Houston 1500 Louisiana Street
View on infosec-jobs.com

2024-2025: Information Technology – Information Security Full Time (Previous Intern)

@ Chevron | Houston 1500 Louisiana Street
View on infosec-jobs.com