Recent Apple CPUs (M2/A15 and M3/A17) contain vulnerabilities called SLAP and FLOP that exploit speculative execution through Load Address and Load Value predictors. These attacks allow malicious websites to bypass browser security measures and access sensitive data like emails, location history, and credit card information across different web pages. Apple plans to address these vulnerabilities in upcoming security updates.

https://predictors.fail/

via https://lobste.rs/top/rss