Darren Pauli (comments): Six university researchers have revealed deadly zero-day flaws in Apple’s iOS and OS X, claiming it is possible to crack Apple’s password-storing keychain, break app sandboxes, and bypass its App Store security checks. Attackers can steal passwords from installed apps, including the native email client, without being detected, by exploiting these bugs. … Continue reading XARA: Unauthorized Cross-App Resource Access