Security researchers at E.V.A Information Security have uncovered several critical vulnerabilities in CocoaPods, a popular dependency manager for Swift and Objective-C projects. These vulnerabilities potentially expose millions of Apple devices to supply chain attacks, highlighting the growing risks associated with open-source software dependencies.

CocoaPods, used in over three million mobile apps, plays a crucial role in the iOS and macOS development ecosystem. The discovered...