Apple Passwords App Bug Left Users Vulnerable to Phishing Attacks for Months Before Being Fixed
Apple fixed a bug in its Passwords app with December's iOS 18.2 update that had left users vulnerable to phishing attacks in the three months since the launch of iOS 18.
According to an Apple security update spotted by 9to5Mac, the Passwords app was sending unencrypted requests for the logos and icons associated with users' stored passwords.
Without protections of encryption, an attacker on the same Wi-Fi network could redirect a user's browser to a clone phishing site where login details could be stolen. The vulnerability was first discovered by developer Mysk's security researchers and reported in September.
Apple's iOS 18.2 security release notes described the bug like so:
Impact: A user in a privileged network position may be able to leak sensitive information
Description: This issue was addressed by using HTTPS when sending information over the network.
Apple lists the bug in security content updates for the Mac, iPad, and Vision Pro, indicating that this issue was fixed across multiple OSes.
Popular Stories
Apple is expected to unveil iOS 27 during its WWDC 2026 keynote on June 8, and there are already many rumored features and changes for iPhones.
The first developer beta of iOS 27 will likely be available immediately following the keynote, and a public beta typically follows in July. Following beta testing, the software update should be released to all users with a compatible iPhone in...
Apple today released a new Pride Edition Sport Loop for the Apple Watch. The band features a rainbow design with 11 colors of woven nylon yarns.
The new Pride Edition Sport Loop is available to order now on Apple.com and in the Apple Store app in 40mm, 42mm, and 46mm sizes, and it will be available at Apple Store locations starting later this week. In the U.S., the band costs $49.
There...
iOS 26.5 is expected to be released next week, following more than a month of beta testing. The update is relatively minor, but there are a couple of new features and changes across the operating system that we have recapped below.
iOS 26.5 lays the groundwork for end-to-end encryption for RCS in the Messages app and ads in the Apple Maps app, and it will include a new Pride wallpaper and a...
