Critical bug lets malicious apps access your data on macOS
Microsoft just flagged a big vulnerability in Apple's macOS called "SploitLight."
This bug lets sneaky apps slip past Apple's privacy controls by hiding harmful plugins where Spotlight will run them automatically.
Basically, it allows attackers to dodge the usual protections and get into files they shouldn't.
How bad is it?
If exploited, hackers could grab private stuff stored by Apple Intelligence—think photo tags, location info, facial recognition data, browsing history, and your preferences.
And it doesn't stop at Macs; if your iPhone or iPad is on the same iCloud account, those could be exposed too.
Update your macOS now
Apple fixed this with the macOS Sequoia update (released March 31, 2025). If you're still on an older version, upgrade ASAP to stay safe.
Microsoft waited until Apple patched things before going public—so updating now is your best move.