Can you trust that permission pop-up on macOS?

Can You Really Trust That Permission Pop-Up On macOS? (CVE-2025-31250) 2025-05-12 by Noah Gregory Introduction It's time to update your Macs again! This time, I'm not burying the lede. CVE-2025-31250, which was patched in today's releases of macOS Sequoia 15.5 et al., allowed for… …any Application A to make macOS show a permission consent prompt… …appearing as if it were coming from any Application B… …with the results of the user's consent response being applied to any Application C. These did not have to be different applications. In fact, in most normal uses, they would all likely be the same application. Even a case where Applications B and C were the same but different than Application A would be relatively safe (if somewhat useless from Application A's perspective). However, prior to this vulnerability being patched, a lack of validation allowed for Application B (the app the prompt appears to be from) to be different than Application C (the actual application the user's cons ... Read full article.