Aaron Parecki

#zeroday

• FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild - The Citizen Lab (citizenlab.ca)

  #apple #security #zeroday #hacking

  Mon, Sep 13, 2021 10:57pm -07:00

• The Real Cause of the Sign In with Apple Zero-Day

  

  The zero-day bug in Sign In with Apple actually had nothing to do with the OAuth or OpenID Connect part of the Sign In with Apple exchange, and very little to do even with JWTs. Let's take a closer look to see what actually happened.

  continue reading...

  37 likes 19 reposts 1 bookmark 9 replies 25 mentions

  #oauth #oidc #apple #siwa #security #zeroday

  Sun, May 31, 2020 1:49pm -07:00