I wrote an in-depth explanation of the "Sign In with Apple" Zero-Day that was revealed by a security researcher this weekend. The problem had nothing to do with OAuth or JWT, and you might be surprised at how simple the bug actually was. https://aaronparecki.com/2020/05/31/30/the-real-c... aaronparecki.com

2020-06-01 8:04 pm

Embed

Micro.blog

Micro.blog