Source link : https://tech365.info/psa-apples-podcasts-app-might-be-enabling-malicious-content-material-supply/
Safety researchers have recognized suspicious exercise in Apple’s Podcasts app that may very well be used to ship malicious content material to customers, primarily based on a report by 404Media’s Joseph Cox.
Cox’s report describes some odd experiences with the Podcasts app that actually counsel one thing untoward is occurring throughout each iOS and macOS variations. He says that over current months, the app has robotically launched and displayed uncommon podcasts with out his enter. On Mac and iPhone, the app has opened faith, spirituality, and schooling podcasts for no obvious purpose, in some instances even launching themselves the second Cox unlocked his machine.
The podcasts in query typically characteristic unusual titles containing code fragments, URLs, and in some instances, makes an attempt at cross-site scripting assaults.
Goal-See safety professional Patrick Wardle instructed Cox he was in a position to replicate comparable habits, however in his case through an internet site. “Simply visiting a website is enough to trigger Podcasts to open (and load a podcast of the attacker’s choosing), and unlike other external app launches on macOS, no prompt or user approval is required,” Wardle instructed 404 Media.
One significantly regarding podcast apparently features a hyperlink that redirects to a website making an attempt an XSS assault – a way during which attackers inject malicious code into in any other case legitimate-looking web sites. When…
—-
Author : tech365
Publish date : 2025-11-28 11:40:00
Copyright for syndicated content belongs to the linked Source.
—-
1 – 2 – 3 – 4 – 5 – 6 – 7 – 8