Cybersecurity researchers have disclosed an unpatched flaw in Apple Pay that attackers could abuse to make an unauthorized Visa payment with a locked iPhone by taking advantage of the Express Travel mode set up in the device’s wallet. « An attacker only needs a stolen, powered on iPhone. The transactions could also be relayed from an iPhone inside someone’s bag, without their knowledge, » a group
Source de l’article sur The Hacker News