Apple Podcasts Becomes The Target Of Hackers, The Mechanism Of Attacks Is Still Mysterious

JAKARTA The Apple Podcasts app is reported to be a new line of attack for bad actors, although so far there has been no clarity on the level of threat. A number of users found the app to be open on its own without any interactions, either on the iPhone or Mac.

Initial reports came from Joseph Cox of 404 Media. He said he often found his Mac open with the Podcasts app already active and playing random shows. What made him suspicious was that podcast titles or descriptions were often infiltrated by potentially dangerous suspicious links.

Patrick Wardle, macOS security expert, managed to replicate the phenomenon through a website. When the site opens, the Podcasts app immediately activates without requesting permission from the user. This behavior is odd because macOS usually requires confirmation before the app is opened by the browser.

Wardle said that although the app itself feels more annoying than dangerous, the links inserted could pose a risk. Cox found a link that could theoretically trigger cross-site scripting attacks on legitim websites. But there is no evidence that the experiment was really successful.

Apple has not responded to this report, although the company still responds to questions about other issues at almost the same time. There has been no indication that this issue is widespread; Apple Insider reported no similar cases in its testing.

Users are advised not to press any links from unknown podcasts. If Podcasts apps suddenly open with foreign content, the safest step is to close the app without making further interactions.

This incident serves as a reminder that the path of cyberattack sometimes arises from an unexpected gap. The digital security world continues to move fast, and everyday devices like podcast apps can turn out to be an experimental field for hackers who want to test the system's limits.