Now Patched 'Sign in With Apple' Bug Left Users Open to Attack
Researcher Bhavuk Jain in April discovered a critical Sign in With Apple vulnerability that could have resulted in a takeover of some user accounts. The bug was specific to third party apps that used Sign in With Apple and didn't implement additional security measures.
Jain notes that Sign in With Apple works by authenticating a user through a JWT (JSON Web Token) or a code that's generated by Apple's server. Apple then gives users the option to share either the email tied to their Apple ID or a private relay email address,which creates a JWT that's used to log in a user.
Jain then discovered that once JWTs for both Apple ID emails and private relay email addresses were requested and the token's signature was verified using Apple's public key, it "showed as valid." Should the bug have not been discovered, a JWT could be created and used to gain access to one's account.
In an interview with The Hacker News, Jain spoke about the severity of the bug:
The impact of the this vulnerability was quite critical as it could have allowed a full account takeover. Many developers have integrated Sign in with Apple since it is mandatory for applications that support other social logins. To name a few that use Sign in with Apple - Dropbox, Spotify, Airbnb, Giphy (now acquired by Facebook).
According to Jain, Apple conducted an investigation and concluded that no accounts were compromised using this method before the vulnerability was patched. Jain was paid $100,000 by Apple under its Apple Security Bounty Program for reporting the bug.
Popular Stories
Bloomberg's Mark Gurman has high expectations for Apple's first foldable iPhone.
In his Power On newsletter today, he said the foldable iPhone will be "the most significant overhaul in the iPhone's history."
"iPhone 4, iPhone 6 and iPhone X were clearly a big deal, but this is a whole new design," he said.
Like Samsung's Galaxy Z Fold 7, the foldable iPhone will reportedly open up like ...
iOS 26.5 is now available for developers, and while it doesn't include any new Siri capabilities, there are some major changes for the European Union, and smaller tweaks for features available worldwide.
Suggested Places
In the Maps app, there's a new "Suggested Places" feature that recommends locations to visit based on trending places nearby and recent searches. When Apple launches ads in ...
Apple has been celebrating its upcoming 50th anniversary by hosting surprise performances and other events around the world over the past few weeks, and now Bloomberg's Mark Gurman has revealed details about the company's grand finale.
In a social media post, Gurman said Apple's celebrations will conclude this week with a finale at its Apple Park headquarters for employees.
A special...
Popular Stories
macOS Tahoe 26.4 introduces a new security feature that warns Mac users if they paste certain commands in the Terminal app that may be harmful.
For those unaware, the Terminal app allows you to enter text commands to perform tasks on your Mac. Terminal is primarily intended for advanced users and developers, but unfortunately casual users can be tricked into entering harmful commands that...
Apple has begun pushing Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS, warning users of active web-based attacks.
The alerts, which appear as a "Critical Software" notification from the Settings app, warn that Apple "is aware of attacks targeting out-of-date iOS software, including the version on your iPhone," and urge users to install a critical...
Apple says it has no record of a successful spyware attack against any device running Lockdown Mode, the opt-in security feature it introduced in 2022.
"We are not aware of any successful mercenary spyware attacks against a Lockdown Mode-enabled Apple device," an Apple spokesperson told TechCrunch.
Lockdown Mode is available on the iPhone, iPad, and Mac, and dramatically restricts...
