Attackers can abuse URL requests processed by an email program for Mac to steal files from the victim — sometimes without user interaction.
Severe vulnerabilities in the Airmail 3 software – an alternative to Apple Mail for MacOS – would allow a remote attacker to steal a user’s past emails and file attachments, in many cases without requiring user interaction beyond simply opening a weaponized message.
ORIGINAL SOURCE: Theatpost