CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks.

Multiple vulnerabilities in CocoaPods, an open-source repository for Swift and Objective-C, put millions of iOS and macOS apps at risk for nearly a decade. These issues have been patched as of October, with no known exploits

Three - a magic number "A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and macOS applications,""

Millions of iOS apps were exposed to security breach found in CocoaPods Posted into APPLE-osophy @apple-osophy-maddoxa

Millions of Apple Applications Were Vulnerable to CocoaPods Attack The vulnerabilities have since been patched, but had quietly persisted since the Co #technology#news