The security of millions of iOS apps could have been compromised due to a security vulnerability in the popular dependency manager CocoaPods.
Software developers often rely on code written by other companies or developers in order to speed up the development of their products. To facilitate the management of code from other sources — known as dependencies — developers use a tool called a dependency manager. The same is true when developing for Apple’s platforms, and the most popular dependency manager for iOS apps by far is CocoaPods.
This past Monday, the maintainers of the project released a statement uncovering a security issue that’s been recently discovered and was present in the software since June 2015, giving attackers plenty of time to potentially exploit it.
more…