Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks

/in

A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks.
The vulnerabilities allow “any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and

The Hacker News – ​Read More