Apple’s Shortcuts app
Shortcuts are built into iOS, iPadOS, and macOS to provide users with hooks for building automations. These Shortcuts can be shared between users via a link, which can lead to widespread sharing of a malicious Shortcut.
According to research performed by Bitdefender viewed by AppleInsider, an unsuspecting Shortcuts user could obtain a Shortcut that attacks a vulnerability in the Transparency, Consent, and Control (TCC) system meant to protect users from data theft. Typically, TCC prompts appear when an app or Shortcut attempts to access sensitive information or system resources, but the vulnerability bypassed this check.
Go Here to Read this Fast! A critical Shortcuts vulnerability was fixed in iOS 17.3
Originally appeared here:
A critical Shortcuts vulnerability was fixed in iOS 17.3