Critical Apple Chip Flaws: FLOP and SLAP Attacks
2025-01-28
Researchers discovered two critical vulnerabilities, dubbed FLOP and SLAP, in Apple's M-series and A-series chips. FLOP exploits the chip's load value predictor (LVP) to steal sensitive data from Chrome and Safari browsers, including information from Gmail, iCloud, and Google Maps. SLAP, targeting primarily Safari, leverages the load address predictor (LAP) for similar data theft. Affected devices include iPhones, iPads, and Macs released since September 2021. While Apple claims to be assessing the risk, researchers have published mitigations and recommend users update their systems.