Friday, December 8, 2023

LinkedIn iOS App Caught Reading Clipboard With Every Keystroke, Says it is a Bug

LinkedIn caught snooping on the clipboard data of every keystroke, the issue was discovered with the beta version of iOS 14.

The LinkedIn iOS app is responsible for the privacy-intrusive behavior that spotted by a developer who goes with the twitter handle @DonCubed.

LinkedIn iOS App

DonCubed noticed that while using LinkedIn on his iPad Pro, a service copying the keystrokes from the clipboard on his MacBook Pro.

The data snooping was discovered using the new mechanism introduced in iOS 14 that alerts users when some app is reading contents from the clipboard.

The new feature with iOS 14 is a good upgrade to privacy, iOS 14 also alerts users when an app accesses their camera or microphone.

With the new mechanism, @DonCubed found that “LinkedIn is copying the contents of my clipboard every keystroke. IOS 14 allows users to see each paste notification.”

LinkedIn’s consumer products’ VP Engineering Erran Berger said that copying behavior is not an intended one, he further added that “the contents of the clipboard are not stored or transmitted. A fix for the issue is in the works, and should be available soon.”

Earlier TikTok caught accessing the clipboard every few seconds and the company said they are to remove the feature.

Not only TikTok many other apps like Twitter, Starbucks, Overstock, AccuWeather, and more caught reading users clipboard data.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Also Read

Critical LinkedIn AutoFill Vulnerability Allow Hackers to Steal LinkedIn Users Sensitive Information

Hackers Abusing LinkedIn’s Direct Messaging Service to Deliver More_eggs Malware via Fake Job Offers

Website

Latest articles

Exploitation Methods Used by PlugX Malware Revealed by Splunk Research

PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid...

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities

Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative...

Bluetooth keystroke-injection Flaw: A Threat to Apple, Linux & Android Devices

An unauthenticated Bluetooth keystroke-injection vulnerability that affects Android, macOS, and iOS devices has been...

Atlassian Patches RCE Flaw that Affected Multiple Products

Atlassian has been discovered with four new vulnerabilities associated with Remote Code Execution in...

Reflectiz Introduces AI-powered Insights on Top of Its Smart Alerting System

Reflectiz, a cybersecurity company specializing in continuous web threat management, proudly introduces a new...

SLAM Attack Gets Root Password Hash in 30 Seconds

Spectre is a class of speculative execution vulnerabilities in microprocessors that can allow threat...

Akira Ransomware Exploiting Zero-day Flaws For Organization Network Access

The Akira ransomware group, which first appeared in March 2023, has been identified as...

Endpoint Strategies for 2024 and beyond

Converge and Defend

What's the pulse of Unified Endpoint Management and Security (UEMS) in Europe? Join us live to uncover the strategies that are defining endpoint security in the region.

Related Articles