Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and macOS Applications
Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and macOS Applications
www.evasec.io Vulnerabilities in CocoaPods Open the Door to Supply Chain Attacks Against Thousands of iOS and MacOS Applications | E.V.A
Multiple vulnerabilities affecting the CocoaPods ecosystem, have been discovered, posing a major risk of supply chain attacks.
“E.V.A Information Security researchers uncovered several vulnerabilities in the CocoaPods dependency manager that allows any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and MacOS applications. These vulnerabilities have since been patched.”
0 comments