Last month, we covered a macOS Keychain exploit that seemingly could expose user credentials and passwords. At the time, the researcher Linus Henze did not disclose the workings of the exploit to Apple as a protest because Apple does not offer a bug bounty reward scheme for macOS. Despite no change on that front from Apple, Henze has now decided to share his findings with the company to protect users.
more…