Radek: Let’s sum up everything to that point: AppCast process is using HTTP that could be intercepted and modified on the fly We can insert our HTML and JavaScript code into a WebView component to display it to the user We control the transmission after doing the MITM attack […] The vulnerability is not in … Continue reading Sparkle Updater Vulnerability