Apple won’t build a backdoor – yet iOS apps leak secrets anyway
Apple’s UK encryption rollback has reignited the global debate on privacy. But while all eyes are on government backdoors, the latest Cybernews research exposes an even bigger risk – iOS apps are leaking sensitive data at scale, and Apple isn’t doing much if anything to stop it.
Last week, the Cybernews research team revealed that 71% of 156,000 iOS apps are leakinghardcoded secrets – a serious security flaw with major implications for businesses and consumers.
Now, their latest report dives deeper into the top 10 most commonly exposed secrets and why they pose a significant risk to user data, whether owned by consumers or businesses.
Here’s a quick look at the top 3 threats for businesses and individuals:
Project ID (Google) exposes app resources, logs, and potentially weakly secured services, increasing the likelihood of data breaches.
Google App ID can be used to impersonate apps, granting unauthorized access to user data, APIs, and backend systems.
API Keys (Google): if exposed, these can lead to unauthorized service access, risking data loss, tampering, and breaches of user privacy.
This is the first research of its kind at this scale – no one has ever published even approximate findings on Apple’s secret leaks before. These findings raise a bigger question: is Apple’s App Store security review failing to catch these weak spots?
With stolen credentials linked to 31% of all breaches and an increasing reliance on mobile devices for sensitive transactions, this is a problem that app users and developers must address.
For more details, including a look at the most sensitive leaked secrets, read the full article here.
This entry was posted on March 20, 2025 at 11:15 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Apple won’t build a backdoor – yet iOS apps leak secrets anyway
Apple’s UK encryption rollback has reignited the global debate on privacy. But while all eyes are on government backdoors, the latest Cybernews research exposes an even bigger risk – iOS apps are leaking sensitive data at scale, and Apple isn’t doing much if anything to stop it.
Last week, the Cybernews research team revealed that 71% of 156,000 iOS apps are leaking hardcoded secrets – a serious security flaw with major implications for businesses and consumers.
Now, their latest report dives deeper into the top 10 most commonly exposed secrets and why they pose a significant risk to user data, whether owned by consumers or businesses.
Here’s a quick look at the top 3 threats for businesses and individuals:
This is the first research of its kind at this scale – no one has ever published even approximate findings on Apple’s secret leaks before. These findings raise a bigger question: is Apple’s App Store security review failing to catch these weak spots?
With stolen credentials linked to 31% of all breaches and an increasing reliance on mobile devices for sensitive transactions, this is a problem that app users and developers must address.
For more details, including a look at the most sensitive leaked secrets, read the full article here.
Share this:
Like this:
Related
This entry was posted on March 20, 2025 at 11:15 am and is filed under Commentary with tags Cybernews. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.