In The Name OF Allah
Al-Salam Alekum
![[Image: Sign+in+with+Apple.jpg]](https://1.bp.blogspot.com/-kYBsM_usui4/XtR34zWdKqI/AAAAAAAAJJc/KNBCZhDjVug4bk0gX5BYzoVpdaEFvn99ACLcBGAsYHQ/s1600/Sign+in+with+Apple.jpg)
Hello guys, Coming back after a break
![Smile Smile](https://redsecurity.info/cc/images/smilies/smile.png)
![Big Grin Big Grin](https://redsecurity.info/cc/images/smilies/biggrin.png)
Quote:Indian Security researcher found a critical Zero-day vulnerability in “Sign in with Apple” let hackers take over the third-party application accounts by just having their Email ID.
Very Similar to OAuth 2.0, Apple’s “sign in with Apple” helping the user to sign in to their third-party apps and websites faster using their Apple ID without filling out forms, verifying email addresses.
This feature is using million of Apple users to sign in their Third-party apps such as Dropbox, Spotify, Airbnb, Giphy, and the bug considering as “Critical” as it could have allowed full account takeover by the remote attackers.
Bhavuk Jain , Security Researcher from India reported this critical vulnerability to Apple said: “Successfully exploitation of the bug could have resulted in a full account takeover of user accounts on that third party application irrespective of a victim having a valid Apple ID or not.”
The Source
Thank you ![Smile Smile](https://redsecurity.info/cc/images/smilies/smile.png)
![Smile Smile](https://redsecurity.info/cc/images/smilies/smile.png)
Wa Salam Alekum
![Rs Rs](https://redsecurity.info/cc/images/emj/rs.png)
* Thankful to Allah *
Kurdy