Microsoft calls out Apple Intelligence AI security flaw which could have let hackers steal private data
techradar.com
- Microsoft finds macOS security bug which could allow threat actors to pull sensitive data from Apple Intelligence
- "Sploitlight" revolves around Spotlight plugins
- It was fixed in macOS Sequoia 15.4, so users should upgrade now
Microsoft has revealed details of a security vulnerability in macOS which allowed threat actors to steal sensitive information from the Apple Intelligence AI tool.
In a blog post, Microsoft said it found a bug that bypasses Transparency, Consent, and Control (TCC) mechanisms found on macOS devices. TCC is a security and privacy framework that restricts access to sensitive user data and system features.
The bug, tracked as CVE-2025-31199, could allow hackers to access files in the Downloads folder, as well as caches utilized by Apple Intelligence. Microsoft dubbed the vulnerability “Sploitlight” since it abuses Spotlight plugins, but says it is more dangerous than previous TCC bypasses such as HM-Surf, or powerdir.
Copyright of this story solely belongs to techradar.com . To see the full text click HERE