• HOME
  • GUEST POST
  • ABOUT US
  • CONTACT US
  • DISCLAIMER
  • PRIVACY POLICY
Wednesday, July 9, 2025
No Result
View All Result
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION
No Result
View All Result
Cover365
No Result
View All Result
Home NEWS

Apple’s A- and M-Series Chips Vulnerable to Hacks, Researchers Warn

by Hari Pramod
5 months ago
in NEWS, TECH
Reading Time: 7 mins read
0 0
0
Share on FacebookShare on TwitterShare on WhatsAppShare on LinkedInShare on RedditShare on Pinterest

A new report has exposed two major security flaws in Apple’s in-house chipsets, putting millions of Mac, iPhone, and iPad users at risk. The vulnerabilities could allow hackers to extract sensitive user data, including credit card details and location history, through side-channel attacks. Security researchers have named these exploits FLOP and SLAP, which target Apple’s speculative execution technology.

How Side-Channel Attacks Extract Sensitive Data

Not all cyberattacks rely on software vulnerabilities. Some, like side-channel attacks, exploit physical and behavioral characteristics of hardware to extract confidential information. This can include analyzing a processor’s timing, power consumption, or even electromagnetic emissions.

In Apple’s case, the newly discovered flaws stem from speculative execution—a performance-enhancing feature that anticipates future commands and executes them preemptively. While this technique speeds up processing, it also creates unintended leaks that attackers can exploit.

Apple MacBook processor teardown

FLOP and SLAP: The Two New Threats

Security researchers have identified two distinct attack methods: FLOP and SLAP. Both manipulate Apple’s chip design to steal private data from Safari and Chrome browsers.

  • FLOP: This attack exploits Apple’s Load Value Predictor (LVP), which guesses memory contents before they are available. By deceiving the LVP, hackers can extract sensitive data like Google Maps location history, Proton Mail inbox contents, and iCloud Calendar events.
  • SLAP: This method targets the Load Address Predictor (LAP), which predicts where instructions should fetch data from. SLAP can cause Safari to leak private information from one tab to another, meaning an attacker’s site could extract sensitive data from an open Gmail tab.

How FLOP and SLAP Compare

A closer look at these two exploits reveals that FLOP is significantly more dangerous than SLAP.

Attack Type Affected Components Targeted Applications Severity Level
FLOP Load Value Predictor (LVP) Safari, Chrome High – Can read any memory address in browser process
SLAP Load Address Predictor (LAP) Safari only Medium – Limited to reading adjacent webpage strings

FLOP is particularly concerning because it works across multiple browsers and has unrestricted access to memory addresses within the browser’s process space. SLAP, on the other hand, only affects Safari and is restricted to data stored near the attacker’s own JavaScript strings.

Affected Devices: Who’s at Risk?

The vulnerabilities impact devices powered by Apple’s latest custom chipsets. These include:

  • MacBooks: All models released from 2022 onwards
  • Mac desktops: Devices launched from 2023 onwards
  • iPad Pro: Models introduced from September 2021 onwards

This means anyone using an M2 or later MacBook, a newer Mac desktop, or a recent iPad Pro could be vulnerable. iPhones powered by A-series chips may also be affected, though the full scope of exposure is still under investigation.

Can These Attacks Be Mitigated?

While FLOP and SLAP are serious threats, they are not easy to execute. These attacks require:

  • Direct access to a vulnerable Apple device
  • Malicious code running within Safari or Chrome
  • A method to bypass existing browser security protections

Apple has not yet commented on the findings, but security patches are likely in the works. In the meantime, users can take precautionary steps:

  • Keep your software up to date: Install the latest macOS, iPadOS, and iOS updates as soon as they are available.
  • Use private browsing mode: This may limit the effectiveness of side-channel attacks.
  • Be cautious with website permissions: Avoid granting unnecessary permissions to unfamiliar websites.

Security researchers emphasize that while these vulnerabilities are concerning, they are not immediate threats to everyday users. However, their existence highlights the growing risks associated with speculative execution, a feature that has already led to multiple security flaws across the industry.

Hari Pramod

Hari Pramod

Hari Pramod is a seasoned content writer with a passion for sports. Hari's expertise in the sports niche makes him a go-to source for sports enthusiasts seeking insightful and engaging articles. With years of experience, he combines his in-depth knowledge of the sports industry with exceptional writing skills to create engaging and informative content

Related Posts

Indian stock market opening bell NSE BSE trading floor
FINANCE

Indian Stock Market Opens Flat Amid Trump Tariff Tensions and Q1 Jitters

2 hours ago
smart mosquito control system india
HEALTH

Andhra Pradesh Bets Big on AI to Kill the Buzz — Smart Mosquito System Rolls Out in 66 Hotspots

1 day ago
bentley car india showroom
AUTOMOBILE

Bentley Joins Skoda Auto Volkswagen India Portfolio, Marking Ultra-Luxury Push

1 day ago
TikTok logo on smartphone with US flag background
NEWS

TikTok to Launch U.S.-Only Version Ahead of Government Ban Deadline

2 days ago
Kajol childhood boarding school runaway
ENTERTAINMENT

Kajol’s Bold Escape: A Childhood Tale of Love and Defiance

2 days ago
ripple labs federal reserve bank charter application
CRYPTO

Ripple Follows Circle in Push for National Bank Charter, Aims for Federal Reserve Access

4 days ago
Next Post
Destiny 2 Dreadnaught Expansion

Destiny 2: Heresy Brings Guardians Back to the Dreadnaught With Major Changes

Suzlon wind turbines India

Suzlon Energy Hits Upper Circuit as Q3 Profit Surges 91%

SEARCH NEWS

No Result
View All Result

RECENT NEWS

  • Indian Stock Market Opens Flat Amid Trump Tariff Tensions and Q1 Jitters
  • Andhra Pradesh Bets Big on AI to Kill the Buzz — Smart Mosquito System Rolls Out in 66 Hotspots
  • Bentley Joins Skoda Auto Volkswagen India Portfolio, Marking Ultra-Luxury Push
  • TikTok to Launch U.S.-Only Version Ahead of Government Ban Deadline
  • Kajol’s Bold Escape: A Childhood Tale of Love and Defiance
  • Ripple Follows Circle in Push for National Bank Charter, Aims for Federal Reserve Access
  • Abhishek Bachchan Breaks Silence on Social Media Noise, Brushes Off Divorce Speculation
  • Alex Carey Holds the Fort with Gritty 63 as Australia Rebuilds in Grenada
  • Vidit Gujrathi vs TheLiverDoc: Twitter’s Latest “Doctor” Showdown
  • India Steady at 98/2 at Lunch in Edgbaston Test, Jaiswal Hits Fluent Fifty Amid Bumrah Absence

ABOUT US

Cover365 Footer Logo

We are Google news approved website from India run by Group of Bloggers. We cover trending news topics and explore in-depth about the topics.

If you would like to promote your business or ads in our website, You can Contact us anytime at ceo.cover365@gmail.com

ADVERTISEMENT

We charge nominal cost to promote your business in our website. We accept following promotions that will help your business and improve your website SEO.

  • ADVERTISE
  • GUEST POST
  • SPONSORED ARTICLE
  • WRITE FOR US
  • HOMEPAGE LINKS
  • BANNER ADS
  • PRESS RELEASE

POPULAR CATEGORIES

Popular Categories in our website,

  • BUSINESS
  • FINANCE
  • CRYPTO
  • ENTERTAINMENT
  • SPORTS
  • EDUCATION
  • TECH
  • HEALTH
  • LIFESTYLE
  • TRAVEL
  • CASINO

SEARCH WEBSITE

No Result
View All Result

WEBSITE STATS

Cover365 Monthly Stats: (Will be updated every month)

  • Traffic: 100,000+ / Month
  • Website Age: 12 Years+
  • Google News Approved
  • 4+ Active Writers
  • High Quality Articles
  • HOME
  • GUEST POST
  • ABOUT US
  • CONTACT US
  • DISCLAIMER
  • PRIVACY POLICY

© 2023 Cover365

No Result
View All Result
  • HOME
  • NEWS
    • POLITICS
  • BUSINESS
    • INTERNET MARKETING
  • FINANCE
    • CRYPTO
  • ENTERTAINMENT
    • MOVIE REVIEWS
  • SPORTS
    • CRICKET
    • FOOTBALL
    • WWE
  • TECH
  • HEALTH
  • TRAVEL
  • BLOG
    • AUTOMOBILE
    • CASINO
    • DEALS
    • LIFESTYLE
    • EDUCATION

© 2023 Cover365

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist