A team of security researchers has uncovered new side-channel vulnerabilities in modern Apple processors that can steal sensitive information from web browsers. These flaws, named FLOP and SLAP, target speculative execution mechanisms used in Apple’s M2/A15, M3/A17, and later models to predict memory addresses or data values. Exploited remotely through malicious websites, these attacks can extract details like sender and subject information, Google Maps location history, and iCloud Calendar events. While Apple has acknowledged the flaws and plans mitigation, no immediate risk is posed to users until updates are applied.
Source: https://www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers