Tuesday, December 3, 2024
HomeInformation GatheringLinkedIn iOS App Caught Reading Clipboard With Every Keystroke, Says it is...

LinkedIn iOS App Caught Reading Clipboard With Every Keystroke, Says it is a Bug

Published on

SIEM as a Service

LinkedIn caught snooping on the clipboard data of every keystroke, the issue was discovered with the beta version of iOS 14.

The LinkedIn iOS app is responsible for the privacy-intrusive behavior that spotted by a developer who goes with the twitter handle @DonCubed.

LinkedIn iOS App

DonCubed noticed that while using LinkedIn on his iPad Pro, a service copying the keystrokes from the clipboard on his MacBook Pro.

- Advertisement - SIEM as a Service

The data snooping was discovered using the new mechanism introduced in iOS 14 that alerts users when some app is reading contents from the clipboard.

The new feature with iOS 14 is a good upgrade to privacy, iOS 14 also alerts users when an app accesses their camera or microphone.

With the new mechanism, @DonCubed found that “LinkedIn is copying the contents of my clipboard every keystroke. IOS 14 allows users to see each paste notification.”

LinkedIn’s consumer products’ VP Engineering Erran Berger said that copying behavior is not an intended one, he further added that “the contents of the clipboard are not stored or transmitted. A fix for the issue is in the works, and should be available soon.”

Earlier TikTok caught accessing the clipboard every few seconds and the company said they are to remove the feature.

Not only TikTok many other apps like Twitter, Starbucks, Overstock, AccuWeather, and more caught reading users clipboard data.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read

Critical LinkedIn AutoFill Vulnerability Allow Hackers to Steal LinkedIn Users Sensitive Information

Hackers Abusing LinkedIn’s Direct Messaging Service to Deliver More_eggs Malware via Fake Job Offers

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

PEFT-As-An-Attack, Jailbreaking Language Models For Malicious Prompts

Federated Parameter-Efficient Fine-Tuning (FedPEFT) is a technique that combines parameter-efficient fine-tuning (PEFT) with federated...

Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms

Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target...

Hackers Exploited Windows Event Logs Tool log Manipulation, And Data Exfiltration

wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By...

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Singapore’s Government Directed ISPs To Block Access To Ten Inauthentic Websites

Singapore’s government has instructed internet service providers to block access to websites deemed “inauthentic,”...

Mastering Crypto Wallet Management: Secure Your Digital Assets With Confidence 

Navigating the world of cryptocurrencies can feel like unlocking a new frontier. I remember...

32 Million Sensitive Records Exposed From Service Management Provider

A significant data breach occurred at ServiceBridge, a technology company specializing in field service...