CAT 
The open-source Swift and Objective-C repository, CocoaPods, had multiple vulnerabilities that left millions of iOS and macOS apps exposed to potential attacks for a decade, but it is now patched.
CocoaPods leave millions of iOS and macOS apps vulnerable to attack
CocoaPods leave millions of iOS and macOS apps vulnerable to attack
Even though the CocoaPods repository was a potential target for so long and so many apps, there are no known exploits in iOS or macOS apps. The vulnerabilities in question were patched in October and are now being exposed in a report from EVA Information Security.
The report was detailed by Ars Technica, explaining what went wrong and how the vulnerabilities could be exploited. These issues could have led to serious problems if a bad actor managed to exploit them, and there’s always a chance they were exploited without anyone knowing.
Originally appeared here:
Vulnerabilities found in Swift repository left millions of apps exposed, now patched
