USB port is a wonderful invention but, also serves as a good attack vector - Security researchers have discovered a new class of security vulnerabilities (Thunderclap) that impacts all major operating systems, including Microsoft Windows, Apple macOS, Linux, and FreeBSD, allowing attackers to bypass protection mechanisms introduced to defend against DMA attacks.

In particular, all Apple laptops and desktops produced since 2011 are vulnerable, with the exception of the 12-inch MacBook. Many laptops, and some desktops, designed to run Windows or Linux produced since 2016 are also affected - check whether your laptop supports Thunderbolt.

Thunderbolt port allows connected peripherals to bypass operating system security policies and directly read/write system memory that contains sensitive information including your passwords, banking logins, private files, and browser activity.

Additionally, researchers also developed a proof-of-concept attacking hardware that can execute the ThunderClap vulnerabilities on targeted systems, but they chose not to release it in public at this time.

https://thehackernews.com/2019/02/thunderbolt-peripheral-dma-attacks.html