A new attack vector called iLeakage has been discovered by a group of academics. This vulnerability affects Apple products , specifically Macs and iPhones released from 2020 onwards. It allows attackers to extract sensitive information from Safari on Macs and all browsers on iOS devices.
The discovery of iLeakage highlights the ongoing threats posed by hardware vulnerabilities . While real-world attacks are unlikely due to the technical expertise required, the disclosure of this vulnerability means that hackers could potentially develop their own version of the attack or create similar attacks in the future. This news comes after the disclosure of other side-channel attacks and the discovery of RowPress , a variant of the RowHammer attack on DRAM chips .
The researchers have notified Apple about the vulnerability  , and the company plans to release a more permanent fix in the future . While the iLeakage attack requires a high level of technical knowledge and is not appealing to cyber criminals  , Apple is likely to patch the flaw soon . There is already a toggle in macOS Safari to mitigate iLeakage , although it is off by default .