Feed›Vulnerability›macOS flaw allowed rogue apps to access chat and browser dat...

VulnerabilityCyber Insider

3.3 — LOW

macOS flaw allowed rogue apps to access chat and browser data

📅 19 May 2026 at 16:53 UTC📰 Cyber InsiderView original source ↗

Researchers at mobile privacy firm Mysk have disclosed details of a now-patched macOS vulnerability that could allow malicious apps to bypass Apple’s sandbox and privacy protections to access sensitive user data stored by messaging, productivity, and browser applications. Tracked as CVE-2026-28910, the flaw abused Apple’s built-in Archive Utility app and a long-standing drag-and-drop behavior in … The post macOS flaw allowed rogue apps to access chat and browser data appeared first on CyberInsider.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A previously patched macOS vulnerability (CVE-2026-28910) was exploited by malicious apps to bypass Apple's sandbox and access sensitive user data, including chat and browser history, without elevated privileges or special permissions.

⚙️Technical Details

Affected Systems

macOS Tahoe 26.0 through 26.3.2

💥Impact Assessment

Severity: Unknown

🛡️Recommended Actions

1Regularly update macOS to version 26.4 or later

2Use secure messaging apps that store data end-to-end encrypted

3Be cautious when installing applications from the App Store or outside sources

📦Affected Products

Apple Macos

🔐NVD Verified DataVERIFIED

CVE-2026-28910 ↗CVSS 3.3 — LOW

Attack Vector

LOCAL

Complexity

LOW

Vector String

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Weaknesses

CWE-284

Affected Products (CPE)

Apple Macos

Advisories

📋 https://support.apple.com/en-us/126794

Read the full article

This is a curated summary. The complete article is available at Cyber Insider.

Read on Cyber Insider ↗

← Back to feed