The YGN Ethical Hacker Group has issued a public warning about vulnerabilities in the Apple Developer Site which could simplify phishing attacks. The group says that they warned Apple of the problems in April, but they have yet to be fixed. If the issues are not addressed in the next few days, YGN is threatening to release more detailed information about the problems to the Full Disclosure mailing list.
Specifically, YGN says that the Apple site has arbitrary URL redirect, cross-site scripting and HTTP response splitting flaws.
Charlie has over a decade of experience in website administration and technology management. As the site admin, he oversees all technical aspects of running a high-traffic online platform, ensuring optimal performance, security, and user experience.
