“Sign in with Apple” vulnerability earns researcher $100,000
Remember seeing that slick “Sign in with Apple” button across many websites and apps? It turns out that a vulnerability allowed attackers to log in to sites using any Apple ID.
Only last year, Apple announced this new “privacy tool” to come to every iPhone and apps, in its quest to offer greater security to Apple users. The sign-in feature was introduced to let users log in to services with their Apple ID, as opposed to an email address and password.
Continue reading on BleepingComputer.