🍏 'Almost every Apple device' vulnerable to CocoaPods
ᐅ The Register
「 CocoaPods, an open-source dependency manager used in over three million applications coded in Swift and Objective-C, left thousands of packages exposed and ready for takeover for nearly a decade – thereby creating opportunities for supply chain attacks on iOS and macOS apps, according to security researchers 」
#Apple #CocoaPods #Swift #ObjectiveC #Infosec #Opensource
https://www.theregister.com/2024/07/02/cocoapods_vulns_supply_chain_potential/
jbz /
npub1th…k65lp
2024-07-02 14:00:01
Author Public Key
npub1thp9l7ed2x8n2fhaygsx0rgqdrru2qmk3d8plrp07n2k03scx8nq2k65lpPublished at
2024-07-02 14:00:01Event JSON
{
"id": "0f235487b792df1de0aaada033968ada482d4e662e98616ad83cbbb664b78766",
"pubkey": "5dc25ffb2d518f3526fd2220678d0068c7c503768b4e1f8c2ff4d567c61831e6",
"created_at": 1719928801,
"kind": 1,
"tags": [
[
"t",
"opensource"
],
[
"proxy",
"https://indieweb.social/@jbz/112717253933595551",
"web"
],
[
"t",
"cocoapods"
],
[
"t",
"objectivec"
],
[
"t",
"apple"
],
[
"t",
"swift"
],
[
"t",
"infosec"
],
[
"proxy",
"https://indieweb.social/users/jbz/statuses/112717253933595551",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://indieweb.social/users/jbz/statuses/112717253933595551",
"pink.momostr"
],
[
"expiration",
"1722535057"
]
],
"content": "🍏 'Almost every Apple device' vulnerable to CocoaPods\nᐅ The Register\n\n「 CocoaPods, an open-source dependency manager used in over three million applications coded in Swift and Objective-C, left thousands of packages exposed and ready for takeover for nearly a decade – thereby creating opportunities for supply chain attacks on iOS and macOS apps, according to security researchers 」\n \n#Apple #CocoaPods #Swift #ObjectiveC #Infosec #Opensource\nhttps://www.theregister.com/2024/07/02/cocoapods_vulns_supply_chain_potential/",
"sig": "a12914737f608fca37bb0ae7dfa8b3e8ee903f719a4e08264dda8f5cd03418f7b0775a5f4ec87f26086cae66b6982a362c750feaf431479b8bf3d039156171db"
}