Apple has revealed a Passwords app vulnerability that lasted for months

is a weekend editor who covers the latest in tech and entertainment. He has written news, reviews, and more as a tech journalist since 2020. Apple fixed a bug in the iOS 18.2 Passwords app that, for three months starting with the release of iOS 18, made users vulnerable to phishing attacks, according to an Apple security content update spotted by 9to5Mac. Here’s how Apple describes the bug and its fix: Impact: A user in a privileged network position may be able to leak sensitive information Description: This issue was addressed by using HTTPS when sending information over the network. As 9to5Mac writes, the Passwords app was sending unencrypted requests for the logos and icons it shows next to the sites your stored passwords are associated with. The lack of encryption meant an attacker on the same Wi-Fi network as you, like at an airport or coffee shop, could redirect your browser to a look-a-like phishing site to steal your login credentials. It was first discovered by security re ... Read full article.