FLOP and SLAP vulnerabilities put most every Apple device at risk.AFP via Getty ImagesSecurity researchers have disclosed two scary new vulnerabilities that could enable the theft of sensitive data from web browsers on Apple devices, including laptop and desktop Macs, iPhones and iPads. The side-channel attacks impact devices dating back as far as 2021 and can be exploited remotely by hackers without physical access to the device. Heres what you need to know.The FLOP And SLAP Apple Device Side-Channel AttacksAs news breaks of hackers getting faster when it comes to carrying out their attacks and security warnings for users of Google Chrome, web browsers on Apple devices running M2, M3, M4, A15 Bionic, A16 Bionic and A17 Pro chips have been found to be vulnerable to remote data-theft attacks.Security researchers Jason Kim, Jalen Chuang, Daniel Genkin and Yuval Yarom, from the Georgia Institute of Technology and Ruhr University Bochum, have published two new reports detailing the attack methodologies, known as FLOP and SLAP.As first reported by Bleeping Computer, the attacks exploit side-channel vulnerabilities in Apple silicon to read sensitive data from Chrome and Safari, including from services being accessed by them such as Gmail and iCloud, for example.MORE FOR YOUThe attacks are based on processor speculative execution, a measure used to speed up processing by guessing what a future instruction will be. These guesses can leave memory traces that are then vulnerable to exploitation by hackers.There are hardware and software measures to ensure that two open webpages are isolated from each other, preventing one of them from maliciously reading the other's contents, the researchers said, SLAP and FLOP break these protections, allowing attacker pages to read sensitive login-protected data from target webpages.The Apple Devices Impacted By The Latest Side-Channel VulnerabilitiesAccording to the research disclosure, the following Apple devices are impacted by FLOP and SLAP:Mac laptops from 2022-present (MacBook Air, MacBook Pro)Mac desktops from 2023-present (Mac Mini, iMac, Mac Studio, Mac Pro)iPad Pro, Air, and Mini models from September 2021-present (Pro 6th and 7th gen., Air 6th gen., Mini 6th gen.)iPhones from September 2021-present (All 13, 14, 15, and 16 models, SE 3rd gen.)Mitigation Methods And The Apple ResponseThe researchers said that implementing any mitigations requires software vendor patches, and while Apple has communicated to us that they plan to address these issues in an upcoming security update, at the time of writing, no fix is available."We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats. Based on our analysis, we do not believe this issue poses an immediate risk to our users, an Apple spokesperson said.