Back to directory
WRITEUP #220

Vulnerabilities In CocoaPods Open The Door To Supply Chain Attacks Against Thousands Of iOS And MacOS Applications

RCEAccount takeoverSupply chain attackiOSMacOS
byReef Spektor
Program
CocoaPods
Published
Jul 1, 2024
Added to HackDex
Jul 22, 2024
Read Full Writeuphttps://www.evasec.io/blog/eva-discovered-supply-chain-vulnerabities-in-cocoapods
RELATED WRITEUPS
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
RCEBruteforce
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover
RCEOTP bruteforce
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion

Built with ❤️ by Shubham Rawat