‘Almost every Apple device’ vulnerable to CocoaPods supply chain attack

Dependency manager used in millions of apps leaves a bitter taste

CocoaPods, an open-source dependency manager used in over three million applications coded in Swift and Objective-C, left thousands of packages exposed and ready for takeover for nearly a decade – thereby creating opportunities for supply chain attacks on iOS and macOS apps, according to security researchers.…

This article has been indexed from The Register – Security

Read the original article: