Critical 'Sign in with Apple' Bug Could Have Let Attackers Hijack Anyone's Account

Apple recently paid Indian vulnerability researcher Bhavuk Jain a huge $100,000 bug bounty for reporting a highly critical vulnerability affecting its 'Sign in with Apple' system. The now-patched vulnerability could have allowed remote attackers to bypass authentication and take over targeted users' accounts on third-party services and apps that have been registered using 'Sign in with Apple'

from The Hacker News https://ift.tt/2Xi7mUE