“Sign in with Apple” vulnerability earns researcher $100,000

Remember seeing that slick “Sign in with Apple” button across many websites and apps? It turns out that a vulnerability allowed attackers to log in to sites using any Apple ID.

Only last year, Apple announced this new “privacy tool” to come to every iPhone and apps, in its quest to offer greater security to Apple users. The sign-in feature was introduced to let users log in to services with their Apple ID, as opposed to an email address and password. 

Continue reading on BleepingComputer.

About the author

Ax Sharma

Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, The Register, TechRepublic, CIO, etc.

Ax’s expertise lies in vulnerability research, reverse engineering, software development, and web app security. He’s an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).

Send any tips via email or Twitter DM.

See author's posts