Security researcher Jan Soucek has discovered a bug that would let hackers run a fake re-login prompt using an email sent to iOS Mail. Once opened, code in the email could imitate an iCloud login prompt and trick users into giving away their Apple ID user name and password. Souceck says he found the bug in iOS 8.1.1 back in January and filed a bug report with Apple, but after not hearing back or seeing a fix after five months, he made the code public.…
