"Sign in with Apple" Vulnerability

By ice41 | 5:13 AM Leave a Comment

Researcher Bhavuk Jain discovered a vulnerability in the "Sign in with Apple" feature, and received a $100,000 bug bounty from Apple. Basically, forged tokens could gain access to pretty much any account.

It is fixed.


from Schneier on Security https://ift.tt/3gK9FaD
Related Items

0 comments:

Post a Comment