News

TCC, macOS and Sploitlight

‘Sploitlight’ Vulnerability: How Hackers Bypassed Apple’s TCC Protections
Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data despite security measures.
Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability
Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC),
Microsoft Warns of New ‘SploitLight’ Vulnerability in macOS
New SploitLight macOS vulnerability lets attackers use Spotlight plugins to bypass TCC and access sensitive data cached by Apple Intelligence.
Microsoft Discloses ‘Sploitlight’ macOS Flaw That Allows Stealing Apple Intelligence Data
Microsoft has disclosed a critical vulnerability in macOS that allows attackers to bypass core privacy protections and steal sensitive user data. The flaw, dubbed ‘Sploitlight’ by its researchers, exploits the operating system’s Spotlight search function to circumvent the Transparency,
macOS Spotlight Vulnerability Discovered by Microsoft
Microsoft Threat Intelligence found a Spotlight-related vulnerability that could allow attackers to steal private file data, outlining the issue in
Microsoft uncovered a security flaw affecting macOS’s Spotlight.
The vulnerability (CVE-2025-31199), which Apple patched in a March 31st update, could give bad actors access to files inside a device’s Downloads folder and data cached by Apple Intelligence. That includes geolocation data,
Microsoft Uncovers Critical Apple Intelligence Security flaw
The concern here was that this flaw found a way around that critical safeguard. So, how did it work? The vulnerability cleverly abused Spotlight plugins. These plugins help macOS index your files for search.
Microsoft Threat Intelligence has found a Spotlight-related macOS vulnerability
Microsoft Threat Intelligence has found a Spotlight-related vulnerability that could allow attackers to steal private file data, outlining the issue in a blog post today — as noted by MacRumors. From
SploitLight: Microsoft warns macOS flaw could leak Apple Intelligence metadata
Microsoft has detailed a serious macOS vulnerability that could allow malicious apps to bypass system privacy protections. Dubbed “SploitLight,”
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks ...
Ubergizmo4h
Microsoft Uncovers Security Flaw In macOS Spotlight That Could Leak Private Data
Microsoft’s Threat Intelligence team has identified a now-fixed security vulnerability in Apple’s macOS Spotlight search ...
SecurityWeek2d
Sploitlight: macOS Vulnerability Leaks Sensitive Information
The TCC bypass could expose information cached by Apple Intelligence, including geolocation and biometric data.
Microsoft calls out Apple Intelligence AI security flaw which could have let hackers steal private data
Microsoft finds macOS security bug which could allow threat actors to pull sensitive data from Apple Intelligence"Sploitlight ...
iThinkDifferent2d
Apple fixes “Sploitlight” macOS security flaw that leaked Apple Intelligence data
Apple has patched a major security flaw in macOS, dubbed “Sploitlight,” that allowed attackers to bypass user privacy ...
Using Apple's Mac device? Update it to latest macOS now: Check reason here
Reportedly, Microsoft has disclosed a macOS flaw dubbed 'Sploitlight' that could have let attackers access highly sensitive ...