Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks
July 2, 2024 at 09:22AM Critical vulnerabilities in the CocoaPods dependency manager allowed threat actors to take over orphaned packages, execute shell commands, and impact millions of iOS and macOS applications. Orphaned pods were associated with a default owner, and an authentication server bug enabled remote code execution. The vulnerabilities were addressed by CocoaPods in … Read more