Researchers have discovered an attack, named iLeakage, that exploits a side channel vulnerability in Apple’s A- and M-series CPUs, forcing Safari browser to reveal passwords and other sensitive information. The attack, which requires significant expertise and reverse-engineering of Apple hardware, is implemented as a website that can recover site content and extract secrets from a targeted system. Apple is aware of the vulnerability and plans to address it in a future software update.
