Apple recently patched a problem in its Passwords app with the iOS 18.2 update in December. This flaw had put users at risk of phishing attacks for three months, ever since iOS 18 came out.
What Went Wrong with the Passwords App
A report from 9to5Mac highlighted an Apple security note revealing that the Passwords app was sending unprotected requests for website logos and icons tied to saved passwords. Normally, encryption keeps this data safe, but without it, anyone on the same Wi-Fi network could trick users into visiting a fake site designed to steal their login info. Security experts from Mysk first noticed this issue and told Apple about it in September.
How Apple Described the Fix
In the iOS 18.2 security notes, Apple explained the problem simply:
- Effect: Someone with network access might steal private details.
- Solution: The app now uses HTTPS to send data securely.
Apple also confirmed they fixed this across other devices like Macs, iPads, and Vision Pros, not just iPhones.
Why It Matters
This glitch left users exposed for months, but Apple’s update finally closed the gap. It’s a reminder that even big companies can miss things—though they acted once the issue was clear. If you’re on iOS 18, grabbing the latest update keeps your info safer from sneaky attacks like these.