Starting the New Year off with a bang, a hacker has leaked a way to let anyone access your iCloud account. That means your photos, files, apps and more are extremely vulnerable right now. We don't know for sure that this works, but it appears to be real.
A hacker by the name of Pr0x13 has created a GitHub page to showcase this hacker tool, named iDict. It's a brute force dictionary attack that's described as a "100% working iCloud Apple ID dictionary attack that bypasses account lockout restrictions and secondary authentication on any account."
So, what does that mean for you? Well, we don't know for sure that it actually works yet since it's basically a "zero-day" exploit. And the hacker would have to know your iCloud email address to gain access.
However, tech-savvy users on Reddit and Twitter claim that this attack does work. This kind of dictionary attack works best against people who use simple or easy-to-guess passwords, or who use the same password for multiple sites.