this post was submitted on 04 Apr 2025
15 points (85.7% liked)

Cybersecurity

6914 readers
27 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago
MODERATORS
[email protected]
[email protected]
15
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more (28 Jan 2025) (arstechnica.com)
submitted 1 day ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 7 points 1 day ago

The LAP can issue loads to addresses that have never been accessed architecturally and transiently forward the values to younger instructions in an unprecedentedly large window," the researchers wrote. "We demonstrate that, despite their benefits to performance, LAPs open new attack surfaces that are exploitable in the real world by an adversary. That is, they allow broad out-of-bounds reads, disrupt control flow under speculation, disclose the ASLR slide, and even compromise the security of Safari."

SLAP affects Apple CPUs starting with the M2/A15, which were the first to feature LAP. The researchers said that they suspect chips from other manufacturers also use LVP and LAP and may be vulnerable to similar attacks. They also said they don't know if browsers such as Firefox are affected because they weren't tested in the research.