Techly NewsGet the app

Get the latest tech news

Leaking Passwords and more on macOS


A security research blog.

What had started with the lowly file descriptor (a single handle that could allow a process to read, write, or seek) had turned into a confusing mess of streams, sockets, shared memory, and more. NetAuthAgent is a daemon on macOS (more specifically a user agent, as the OS documentation delineates between the two terms) that is responsible for handling the credentials for file servers (FTP, Samba, WebDAV, etc.). When doing research for this vulnerability, I found multiple colleges and universities with help articles directing students and faculty to use this feature, with many explicitly telling users to check the box saving the credentials to the keychain.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of macOS

macOS

Photo of cve-2024

cve-2024

Photo of leaking passwords

leaking passwords

Related news:

News photo

CVE-2024-9956 – PassKey Account Takeover in All Mobile Browsers

News photo

Foldable MacBook-iPad Hybrid Device Likely to Run macOS, Analyst Says

News photo

Apple No Longer Hiding Apple Intelligence Storage Space Info in macOS 15.4

« Claude can now search the web
Pump.co (YC S22) Is Hiring »