3 million iOS and macOS apps were exposed to potent supply-chain attacks

For a decade, thousands of macOS and iOS apps were vulnerable to supply-chain attacks due to security flaws that allowed hackers to inject malicious code. The weaknesses were found in CocoaPods, a repository used by around three million apps. While they were fixed last October, the vulnerabilities could have potentially compromised information for millions, or even billions of people. The flaws could have enabled actions such as ransomware, fraud, and blackmail.