Researchers have created a lightweight, practical method of forcing Apple’s flagship operating systems to give up any passwords stored in them.
Hackers can force iOS and macOS browsers to divulge passwords and much more | Ars Technica
The attack called iLeakage is only an experiment and an academic paper at the moment, but who knows what the threat actors will do with this information.
There is no patch for this attack at the moment, so make sure you keep up with your Apple Updates.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
The website – iLeakage
The paper – iLeakage: Browser-based Timerless Speculative Execution Attacks on Apple Devices