From zdnet.com
A security researcher has published details today about a Safari browser bug that could be abused to leak or steal files from users’ devices.
The bug was discovered by Pawel Wylecial, co-founder of Polish security firm REDTEAM.PL.
Wylecial initially reported the bug to Apple earlier this spring, in April, but the researcher decided to go public with his findings today after the OS maker delayed patching the bug for almost a year, to the spring of 2021.