New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices.
January 29, 2025 By Eduard Kovacs
Academic researchers have disclosed the details of two new CPU side-channel attacks impacting millions of phones, tablets, laptops and desktop computers made by Apple.
The attack methods, discovered by researchers from the Georgia Institute of Technology and Ruhr University Bochum, have been named SLAP (Speculation via Load Address Prediction) and FLOP (False Load Output Predictions).
The researchers have demonstrated how an attacker can exploit CPU vulnerabilities to obtain potentially sensitive information from the memory of a targeted user’s Apple device by getting the victim to visit a malicious website.
According to the researchers, the SLAP and FLOP attacks work against all MacBook laptops released since 2022, all Mac desktop devices since 2023, and all iPads and iPhones released since September 2021.
