It seems like there are a multitude of security flaws which get reported in the news at least once a month, and most of the time they turn out to be not that worrisome because they affect a small subset of users. This latest news is potentially more troubling as it also has the attention of Apple themselves.
According to the latest report from security researcher Luyi Xing, Apple iPhone has a serious security in iOS and OS X which will allow hackers to steal all of your passwords (or at least all passwords you have saved in Apple’s Keychain). Xing leads a team of seven researchers from Indiana University, Georgia Institute of Technology and Peking University. They recently discovered a serious zero-day flaw in Apple's Keychain service .Here's a quote with more of the details,
The good news is that Apple has been alerted to the issue and are working hard to address the problem. The bad news is that Apple has been aware of it since October, but has yet to actually address the issue in any of their latest OS versions.
The video above is a demonstration of the flaw. We felt it was important to share this issue for those who are concerned about security on their Apple devices.
Source: The Register