Researchers from Indiana University and the Georgia Institute of Technology said that security holes in both iOS and OS X allow a malicious app to steal passwords from Apple’s Keychain, as well as both Apple and third-party apps.

Major zero-day security flaws in iOS & OS X allow theft of both Keychain and app passwords