Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability

Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), including the ability to extract and leak sensitive information cached by Apple Intelligence.
The post Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability appeared first on Microsoft Security Blog.Microsoft Security BlogRead More