Millions of iOS and macOS apps have been exposed to a security breach that could be used for potential supply-chain attacks, says an ArsTechnica report based on research by EVA Information Security.

Security researchers at E.V.A Information Security Ltd. have detailed several vulnerabilities in the CocoaPod dependency manager used in MacOS and iOS applications that, although now patched, left ...

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014. Many macOS and iOS applications were open to a vulnerability in CocoaPods, an open-source ...

A near inconceivable number of Apple apps have been exposed to critical vulnerabilities in a popular dependency manager for years now. CocoaPods is a platform that developers in Apple's ecosystem use ...

Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of ...

The open-source Swift and Objective-C repository, CocoaPods, had multiple vulnerabilities that left millions of iOS and macOS apps exposed to potential attacks for a decade, but it is now patched.

Although the hole in the CocoaPods tool is now closed, developers are advised to verify there's nothing rotten in the dependencies used in their existing code. Recently patched vulnerabilities in a ...

A series of newly discovered vulnerabilities in a widely used open source software utility could spell big trouble for large parts of the iOS and MacOS ecosystems. The bugs in question could impact ...