By John Gruber
1Password — Secure every sign-in for every app on every device.
Bhavuk Jain:
In the month of April, I found a zero-day in Sign in with Apple that affected third-party applications which were using it and didn’t implement their own additional security measures. This bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.
For this vulnerability, I was paid $100,000 by Apple under their Apple Security Bounty program. […]
Apple also did an investigation of their logs and determined there was no misuse or account compromise due to this vulnerability.
Nice write-up of the technical details too.
★ Monday, 1 June 2020