Hacker discovers serious iCloud flaws
One day in the spring, all links to Apple's Shortcuts suddenly stopped working, which attracted the attention of several news sites. The cause was thought to be a bug or an internal mistake, but now it turns out that it was Swedish hacker and security researcher Frans Rosén who accidentally deleted all the content in a database.
Rosén explains in a blog post how he discovered several security flaws in iCloud's database management. Among other things, Apple had made it possible for anyone to add and delete content in a number of databases belonging to various iCloud services.
First, he found a bug in something called iCrowd+ that appears to be related to Siri development. Then he moved on to Apple News and discovered that it was possible to delete content in the service (something he tested on his own News account). Had someone with malicious intent made this discovery, it would have been possible to temporarily empty Apple News of all content.