This article discusses a vulnerability, CVE-2024-54471, that was patched as part of the Apple security releases: macOS Sequoia 15.1, macOS Sonoma 14.7.1, and macOS Ventura 13.7.1 (all released on October 28th, 2024). If you use a macOS device and are not on one of these updated versions: update now!
These two blogs had me thinking about whether using built-in tools like Safari, Apple Passwords, Files app, etc in macOS or other systems (e.g. Windows Sandbox vs other virtualization tools) is less secure than using separate third party software. One famous example is iMessages. It seems even after Blastdoor, it’s still regularly gets exploited (although the same is true for Whatsapp)