• HOME
  • GUEST POST
  • ABOUT US
  • CONTACT US
  • DISCLAIMER
  • PRIVACY POLICY
Saturday, June 14, 2025
No Result
View All Result
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION
No Result
View All Result
Cover365
No Result
View All Result
Home NEWS

Apple’s A- and M-Series Chips Vulnerable to Hacks, Researchers Warn

by Hari Pramod
5 months ago
in NEWS, TECH
Reading Time: 7 mins read
0 0
0
Share on FacebookShare on TwitterShare on WhatsAppShare on LinkedInShare on RedditShare on Pinterest

A new report has exposed two major security flaws in Apple’s in-house chipsets, putting millions of Mac, iPhone, and iPad users at risk. The vulnerabilities could allow hackers to extract sensitive user data, including credit card details and location history, through side-channel attacks. Security researchers have named these exploits FLOP and SLAP, which target Apple’s speculative execution technology.

How Side-Channel Attacks Extract Sensitive Data

Not all cyberattacks rely on software vulnerabilities. Some, like side-channel attacks, exploit physical and behavioral characteristics of hardware to extract confidential information. This can include analyzing a processor’s timing, power consumption, or even electromagnetic emissions.

In Apple’s case, the newly discovered flaws stem from speculative execution—a performance-enhancing feature that anticipates future commands and executes them preemptively. While this technique speeds up processing, it also creates unintended leaks that attackers can exploit.

Apple MacBook processor teardown

FLOP and SLAP: The Two New Threats

Security researchers have identified two distinct attack methods: FLOP and SLAP. Both manipulate Apple’s chip design to steal private data from Safari and Chrome browsers.

  • FLOP: This attack exploits Apple’s Load Value Predictor (LVP), which guesses memory contents before they are available. By deceiving the LVP, hackers can extract sensitive data like Google Maps location history, Proton Mail inbox contents, and iCloud Calendar events.
  • SLAP: This method targets the Load Address Predictor (LAP), which predicts where instructions should fetch data from. SLAP can cause Safari to leak private information from one tab to another, meaning an attacker’s site could extract sensitive data from an open Gmail tab.

How FLOP and SLAP Compare

A closer look at these two exploits reveals that FLOP is significantly more dangerous than SLAP.

Attack Type Affected Components Targeted Applications Severity Level
FLOP Load Value Predictor (LVP) Safari, Chrome High – Can read any memory address in browser process
SLAP Load Address Predictor (LAP) Safari only Medium – Limited to reading adjacent webpage strings

FLOP is particularly concerning because it works across multiple browsers and has unrestricted access to memory addresses within the browser’s process space. SLAP, on the other hand, only affects Safari and is restricted to data stored near the attacker’s own JavaScript strings.

Affected Devices: Who’s at Risk?

The vulnerabilities impact devices powered by Apple’s latest custom chipsets. These include:

  • MacBooks: All models released from 2022 onwards
  • Mac desktops: Devices launched from 2023 onwards
  • iPad Pro: Models introduced from September 2021 onwards

This means anyone using an M2 or later MacBook, a newer Mac desktop, or a recent iPad Pro could be vulnerable. iPhones powered by A-series chips may also be affected, though the full scope of exposure is still under investigation.

Can These Attacks Be Mitigated?

While FLOP and SLAP are serious threats, they are not easy to execute. These attacks require:

  • Direct access to a vulnerable Apple device
  • Malicious code running within Safari or Chrome
  • A method to bypass existing browser security protections

Apple has not yet commented on the findings, but security patches are likely in the works. In the meantime, users can take precautionary steps:

  • Keep your software up to date: Install the latest macOS, iPadOS, and iOS updates as soon as they are available.
  • Use private browsing mode: This may limit the effectiveness of side-channel attacks.
  • Be cautious with website permissions: Avoid granting unnecessary permissions to unfamiliar websites.

Security researchers emphasize that while these vulnerabilities are concerning, they are not immediate threats to everyday users. However, their existence highlights the growing risks associated with speculative execution, a feature that has already led to multiple security flaws across the industry.

Hari Pramod

Hari Pramod

Hari Pramod is a seasoned content writer with a passion for sports. Hari's expertise in the sports niche makes him a go-to source for sports enthusiasts seeking insightful and engaging articles. With years of experience, he combines his in-depth knowledge of the sports industry with exceptional writing skills to create engaging and informative content

Related Posts

Generate a concept image of the iPhone 17 Air – ultra-thin, 6.6-inch display, single 48MP camera, Dynamic Island, sleek aluminum frame.
NEWS

Apple’s 2025 Vision: Inside the iPhone 17 ‘Air’ Revolution and What It Means for the Future of Smartphones

5 hours ago
pumpfun solana memecoin revenue chart defi llama
CRYPTO

PumpFun’s $4B Token Buzz Sparks Controversy—But Analysts Say $7B Might Be Just the Beginning

5 hours ago
Indian stock market screen red downtrend
FINANCE

Nifty Crashes 332 Points at Open as Markets Bleed Across Sectors

1 day ago
australia cricket team 2025 lords stadium
NEWS

Cummins Confirms XI as Australia Gear Up for WTC Final Showdown at Lord’s

2 days ago
bitcoin etf institutional investors table
CRYPTO

Investment Advisors Dominate Bitcoin ETF Holdings as Institutional Interest Surges

2 days ago
Rahul Vaidya Virat Kohli Instagram controversy
NEWS

Rahul Vaidya’s Instagram Dig at Virat Kohli Sparks Backlash

3 days ago
Next Post
Destiny 2 Dreadnaught Expansion

Destiny 2: Heresy Brings Guardians Back to the Dreadnaught With Major Changes

Suzlon wind turbines India

Suzlon Energy Hits Upper Circuit as Q3 Profit Surges 91%

SEARCH NEWS

No Result
View All Result

RECENT NEWS

  • Apple’s 2025 Vision: Inside the iPhone 17 ‘Air’ Revolution and What It Means for the Future of Smartphones
  • PumpFun’s $4B Token Buzz Sparks Controversy—But Analysts Say $7B Might Be Just the Beginning
  • Nifty Crashes 332 Points at Open as Markets Bleed Across Sectors
  • Cummins Confirms XI as Australia Gear Up for WTC Final Showdown at Lord’s
  • Investment Advisors Dominate Bitcoin ETF Holdings as Institutional Interest Surges
  • Rahul Vaidya’s Instagram Dig at Virat Kohli Sparks Backlash
  • PayPal’s PYUSD Roars Back to Life, Circulating Supply Hits $1B Mark Again
  • Amazon’s Big Summer Book Sale Is a Gift for Fantasy and Sci-Fi Fans
  • Premier Energies Stock Jumps After ₹2,629 Crore Block Deal Shakes Up the Market
  • Dungeons & Dragons Fans Score Big as Amazon Slashes Price on Art & Arcana Special Edition

ABOUT US

Cover365 Footer Logo

We are Google news approved website from India run by Group of Bloggers. We cover trending news topics and explore in-depth about the topics.

If you would like to promote your business or ads in our website, You can Contact us anytime at ceo.cover365@gmail.com

ADVERTISEMENT

We charge nominal cost to promote your business in our website. We accept following promotions that will help your business and improve your website SEO.

  • ADVERTISE
  • GUEST POST
  • SPONSORED ARTICLE
  • WRITE FOR US
  • HOMEPAGE LINKS
  • BANNER ADS
  • PRESS RELEASE

POPULAR CATEGORIES

Popular Categories in our website,

  • BUSINESS
  • FINANCE
  • CRYPTO
  • ENTERTAINMENT
  • SPORTS
  • EDUCATION
  • TECH
  • HEALTH
  • LIFESTYLE
  • TRAVEL
  • CASINO

SEARCH WEBSITE

No Result
View All Result

WEBSITE STATS

Cover365 Monthly Stats: (Will be updated every month)

  • Traffic: 100,000+ / Month
  • Website Age: 12 Years+
  • Google News Approved
  • 4+ Active Writers
  • High Quality Articles
  • HOME
  • GUEST POST
  • ABOUT US
  • CONTACT US
  • DISCLAIMER
  • PRIVACY POLICY

© 2023 Cover365

No Result
View All Result
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION

© 2023 Cover365

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist