Many of the most popular Mac OS X apps have recently been discovered to be vulnerable to man-in-the-middle attacks (MiTM).
The vulnerability specifically targets applications that use Sparkle - a third-party software update framework - and HTTP connections without encryption.
A security technician from Vulnsec, known as Radek, reported that vulnerability works both in El Capitan and his predecessor, Yosemite.
The total number of applications affected is not known, but Radek estimates that the number is "huge":
- Camtasia 2 (v2.10.4)
- DuetDisplay (v220.127.116.11)
- uTorrent (v1.8.7)
- Sketch (v3.5.1)
In addition, security researcher Jonathan Zdziarski told Ars Technica that the "Hopper" reverse engineering tool as well as the "DXO Optics Pro" are also vulnerable.
If you want to see the full list of applications that might be vulnerable to MITM attacks, the following link provides a list of applications that use Sparkle.
It is important to note, however, that not all these Mac applications are communicating via unencrypted HTTP connections, and that they do not all use the same (vulnerable) version of Sparkle.
The popular Adium chat program, for example, uses Sparkle but communicates via HTTPS.
If you are running an application that could be vulnerable, the best thing to do is to update it immediately.
See the list