Security researchers have uncovered two major vulnerabilities in Apple’s A- and M-series chips, exposing sensitive user data to potential cyberattacks. Named FLOP and SLAP, these flaws exploit Apple’s speculative execution mechanisms, an optimization technique that is designed to enhance processing speed but inadvertently opens new attack surfaces. By leveraging side-channel attacks, hackers can access confidential data such as credit card details, email content, location history, and private messages from services like Gmail, iCloud, Google Maps, and Proton Mail.
This discovery raises critical questions about Apple’s silicon security, as speculative execution vulnerabilities have previously affected major chip manufacturers like Intel and AMD. The findings, presented by researchers from Georgia Institute of Technology and Ruhr University Bochum, underscore the need for immediate mitigations to protect Apple device users from potential exploitation.
Understanding Side-Channel Attacks in Apple Silicon
Apple’s affected chips employ advanced speculative execution techniques that not only predict the control flow of programs but also anticipate data flow. While this speeds up computations, it creates unintended leaks that attackers can exploit through side-channel attacks. These attacks analyze variations in processing behavior—such as timing delays or power consumption—to infer protected data.
FLOP and SLAP target two key predictive features within Apple’s silicon:
- Load Value Predictor (LVP): Predicts the contents of memory locations when they are not readily accessible. FLOP exploits this feature.
- Load Address Predictor (LAP): Predicts the memory addresses where data will be accessed. SLAP takes advantage of this mechanism.
By manipulating these predictors, attackers can bypass security protections that normally isolate webpages and prevent unauthorized access to sensitive memory.
FLOP: Exploiting the Load Value Predictor to Leak Data
FLOP is the more severe of the two vulnerabilities because it allows attackers to read any memory address within the browser process. It specifically targets Apple’s LVP, first introduced in the M3 and A17 chips. The LVP is designed to optimize memory access by predicting values, but researchers found that it sometimes speculates incorrectly—forwarding incorrect values from memory. Attackers can exploit this flaw to extract highly sensitive information, including Gmail messages, iCloud calendar events, and even credit card details.
How FLOP Works
FLOP requires a victim to be logged into a service like Gmail or iCloud while also visiting a malicious website in another browser tab. The attacker’s webpage injects JavaScript-based “training data” to manipulate the browser’s speculative execution process. By analyzing how the processor guesses memory values, the attacker gradually reconstructs protected data.
Devices Affected by FLOP
FLOP affects a wide range of Apple devices, including:
- MacBooks (2022–present): MacBook Air and MacBook Pro
- Mac desktops (2023–present): Mac Mini, iMac, Mac Studio, and Mac Pro
- iPads (2021–present): iPad Pro (6th and 7th generation), iPad Air (6th generation), iPad Mini (6th generation)
- iPhones (2021–present): iPhone 13, 14, 15, 16, and SE (3rd generation)
Additionally, FLOP affects both Safari and Chrome, making it particularly dangerous as it expands the attack surface across multiple browsers.
SLAP exploits the LAP feature found in newer Apple silicon, such as the M2 and A15 chips. Unlike FLOP, which manipulates memory values, SLAP alters memory addresses—tricking the processor into forwarding incorrect locations to unauthorized instructions. This flaw enables attackers to extract sensitive data stored in separate browser tabs, breaking browser security measures designed to isolate webpages.
How SLAP Works
SLAP is particularly concerning for Safari users. In a real-world attack scenario, if a user has Gmail open in one tab and a malicious site in another, the attacker can steal email content, Amazon purchase history, or Reddit login details. The flaw is especially dangerous for users who regularly keep multiple tabs open while browsing.
Compared with FLOP, SLAP is more limited in scope: it only works in Safari and cannot read arbitrary memory addresses. However, it still poses a significant threat by allowing attackers to extract critical user data.
One of the most alarming demonstrations of FLOP involves stealing credit card information from online storefronts hosted on Square.
How the Attack Works
- Attacker creates a storefront: The attacker sets up a Square subdomain, such as attacker.square.site.
- Victim logs into their store: The target accesses their own Square storefront (e.g., victim.square.site) and views their saved credit card information.
- Memory sharing vulnerability: Because Chrome allows certain subdomains within Square’s domain to share memory space, the attacker’s site injects malicious JavaScript that exploits FLOP.
- Extracting payment data: By carefully analyzing speculative execution behavior, the attacker can extract credit card numbers, addresses, and personal details stored in the victim’s Square account.
This attack demonstrates how FLOP can be used in real-world financial fraud, raising concerns about broader implications for online transactions.
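The memory-sharing step above depends on both storefronts resolving to the same site. The following added example (not from the researchers or from Chrome's code) groups tenant URLs by scheme plus registrable domain, on the assumption that pages with the same key may share a renderer process. The suffix set is constructed, and the "square.site" suffix entry is hypothetical, included only to show how the grouping changes.

```javascript
// Constructed suffix rules for illustration; browsers use the full Public Suffix List.
const BASE_SUFFIXES = new Set(["com", "site"]);

// Registrable domain (eTLD+1): the longest matching suffix plus one more label.
function registrableDomain(host, suffixes) {
  const labels = host.toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    if (suffixes.has(candidate)) {
      // The host itself is a public suffix: it has no registrable domain.
      return i === 0 ? null : labels.slice(i - 1).join(".");
    }
  }
  return null; // suffix not present in this constructed list
}

// Site key = scheme + registrable domain. Assumption: pages with the same key
// may be placed in one renderer process, as the article describes for Chrome.
function siteKey(url, suffixes) {
  const u = new URL(url);
  const domain = registrableDomain(u.hostname, suffixes);
  return `${u.protocol}//${domain ?? u.hostname}`;
}

// Group tenant URLs by site key and report groups holding more than one host.
function sharedSiteGroups(urls, suffixes = BASE_SUFFIXES) {
  const groups = new Map();
  for (const url of urls) {
    const key = siteKey(url, suffixes);
    if (!groups.has(key)) groups.set(key, []);
    groups.get(key).push(new URL(url).hostname);
  }
  return [...groups].filter(([, hosts]) => hosts.length > 1)
    .map(([site, hosts]) => ({ site, hosts }));
}

// The first two hosts are the article's examples; the third is constructed.
const tenants = [
  "https://attacker.square.site/",
  "https://victim.square.site/account",
  "https://mail.example.com/",
];

const before = sharedSiteGroups(tenants);
// Hypothetical: the hosting domain itself is treated as a public suffix.
const after = sharedSiteGroups(tenants, new Set([...BASE_SUFFIXES, "square.site"]));
console.log(JSON.stringify(before), JSON.stringify(after));
```

A hosting provider can run the same grouping over its tenant hostnames to see which customers would be treated as one site.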
The researchers behind these findings—Jason Kim, Jalen Chuang, Daniel Genkin, and Yuval Yarom—published detailed technical papers on FLOP and SLAP. Their research will be presented at major cybersecurity conferences:
- FLOP: 2025 USENIX Security Symposium
- SLAP: 2025 IEEE Symposium on Security and Privacy
Recommended Security Measures
To mitigate these attacks, the researchers suggest:
- Disabling speculative execution in vulnerable components: This could significantly reduce performance but would eliminate the vulnerability.
- Strengthening browser security: Implementing additional isolation techniques for webpages could help prevent cross-tab attacks.
- Restricting JavaScript execution: Enhancing browser security settings to limit speculative execution-based attacks.
Apple’s Response
Apple has acknowledged the research but has not confirmed whether security patches are in development. In response to inquiries, an Apple representative stated:
“We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats. Based on our analysis, we do not believe this issue poses an immediate risk to our users.”
FLOP and SLAP join a growing list of speculative execution vulnerabilities that have affected Intel, AMD, and now Apple. These attacks are reminiscent of Spectre and Meltdown, which rocked the tech industry by revealing fundamental flaws in modern CPU designs.
Until Apple releases security patches, users should take extra precautions:
- Keep browsers updated: Ensure Safari and Chrome are running the latest security updates.
- Use trusted security extensions: Extensions that block JavaScript execution can reduce exposure.
- Limit open tabs: Avoid keeping sensitive sites open while browsing unknown webpages.
- Stay cautious with untrusted websites: Avoid clicking suspicious links, especially when logged into important accounts.
As speculative execution vulnerabilities continue to emerge, tech companies must prioritize hardware-level security improvements. Apple’s A- and M-series chips were designed for performance and efficiency, but as FLOP and SLAP demonstrate, security cannot be an afterthought.