Your confidential information ranging from web passwords in Chrome and other browsers to app passwords to banking credentials stored and synced between devices though Apple's iCloud Keychain service—even data you thought was stored safely in password managers like 1Password and LastPass—can be easily compromised due to a trio of major vulnerabilities discovered in Apple's desktop and mobile operating systems.
As discovered by a team of researchers at Indiana University, Georgia Tech and China's Peking University and reported by The Register, Keychain's access control lists, URL schemes and OS X's app containers contain flaws creating serious attack vectors.