Apple has revealed a Passwords app vulnerability that lasted for months

An update to Apple’s iOS 18 has reportedly resolved a vulnerability in the Passwords app that potentially allowed hackers to access sensitive user information.
The flaw, discovered by app developer Mysk, went unpatched for three months, leaving users open to phishing attacks.
Passwords stored by the app were linked to associated logos and icons, which were requested using unencrypted HTTP, allowing potential interception by hackers on the same network.
Mysk’s researchers discovered the vulnerability in September and claim that Apple released the fix in the iOS 18.2 update in January.
Apple has not yet responded to requests for comment on the issue.

Fast Feed