A serious security vulnerability in Apple’s Shortcuts app has been fixed in recent iOS and macOS updates. This flaw allowed malicious shortcuts to bypass security measures and steal sensitive data like photos, contacts, and files without your knowledge.
Attackers used the “Expand URL” function to sneakily send your data to harmful websites. These corrupted shortcuts could be easily spread through links, making detection difficult for most users.
The exploit worked by encoding your data and uploading it where attackers could access it.
The Solution:
Apple patched this vulnerability in iOS 17.3 and macOS Sonoma 14.3. If you haven’t already, it’s crucial to update all of your Apple devices immediately.
Staying Safe:
Be cautious when downloading new Shortcuts, especially from untrusted sources. If possible, examine the actions within a Shortcut before running it.
