A researcher has discovered a zero-day vulnerability in Apple’s built-in password manager. Patrick Wardle says his proof-of-concept attack tool steals passwords in clear text from the Keychain. The flaw is present in the latest version of Apple’s Mac operating system, High Sierra (10.13) The Keychain is an encrypted container that stores credentials for Wi-Fi networks, backup disks, encrypted disk images and even credit card numbers and PINs for bank accounts. Apple promises to patch the flaw and warn users to pay careful attention to security dialogues.”]
Source: https://www.cuinfosecurity.com/beware-apples-password-manager-has-zero-day-flaw-a-10345