Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

A group of academics have discovered a security flaw in Apple’s Vision Pro mixed reality headset known as the GAZEploit attack. Exploiting this flaw, hackers could analyse the eye movements of a user’s virtual avatar to infer what the user had typed on the device’s virtual keyboard. The issue has since been fixed by Apple in the visionOS 1.3 update.