Millions of iOS and macOS apps have been exposed to a security breach that could be used for potential supply-chain attacks, says an ArsTechnica report based on research by EVA Information Security.

Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack Your email has been sent The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods ...

Security researchers at E.V.A Information Security Ltd. have detailed several vulnerabilities in the CocoaPod dependency manager used in MacOS and iOS applications that, although now patched, left ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Vivek Yadav, an engineering manager from ...

A near inconceivable number of Apple apps have been exposed to critical vulnerabilities in a popular dependency manager for years now. CocoaPods is a platform that developers in Apple's ecosystem use ...

Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of ...

A series of newly discovered vulnerabilities in a widely used open source software utility could spell big trouble for large parts of the iOS and MacOS ecosystems. The bugs in question could impact ...

Although the hole in the CocoaPods tool is now closed, developers are advised to verify there's nothing rotten in the dependencies used in their existing code. Recently patched vulnerabilities in a ...

CocoaPods has reached version 1.0, and is celebrating its milestone by officially changing how Podfiles work, and giving Pod owners more control. Though the changes to Podfiles were known (via a ...