Three serious vulnerabilities in cross-app resource sharing protocols on Apple’s desktop and mobile platforms have been discovered and used successfully to steal data — like passwords and secret authentication keys — including one that lays Keychain open