October 5, 2024 at 01:30AM Apple has released iOS and iPadOS updates addressing two security issues. One flaw could enable VoiceOver to read out a user’s passwords, impacting various iPhone and iPad models. Another vulnerability allowed capturing audio before the microphone indicator is on. Users are urged to update to iOS 18.0.1 and iPadOS 18.0.1 … Read more
September 17, 2024 at 05:31PM A zero-click exploit chain in macOS undermines security protections, compromising iCloud data. It starts with a lack of file sanitization in Calendar events, leading to remote code execution and access to sensitive data. Attackers can exploit vulnerabilities to bypass security controls like Gatekeeper and TCC. Apple has since acknowledged and … Read more
September 16, 2024 at 03:45PM Apple’s iOS 18 refresh addresses at least 33 security vulnerabilities, securing iPhones and iPads from malicious attacks. Fixes encompass core components like accessibility, Bluetooth, Control Center, and Wi-Fi, preventing unauthorized access to sensitive data or device control. Additionally, macOS Sequoia 15 was launched with a significant number of security patches … Read more
September 13, 2024 at 11:21AM A security flaw, GAZEploit, was discovered in Apple’s Vision Pro mixed reality headset, allowing attackers to infer data from the virtual keyboard using eye movements. Apple released visionOS 1.3 to fix the vulnerability, suspending the affected component, Presence. The attack could compromise user privacy by remotely inferring keystrokes from video … Read more
August 16, 2024 at 05:27AM Cybersecurity researchers have discovered Banshee Stealer, a new malware targeting Apple macOS systems, being sold for $3,000 a month. It attacks various browsers, cryptocurrency wallets, and around 100 extensions, harvesting data and employing anti-detection measures. This follows the emergence of other macOS and Windows-based stealers, signaling the rise of platform-specific … Read more
July 30, 2024 at 04:54AM Apple announced security updates for iOS, iPadOS, and macOS. iOS 17.6 and iPadOS 17.6 fixed 35 security flaws, while macOS Sonoma 14.6 addressed nearly 70 vulnerabilities. Fixes included patches for third-party components. Safari, tvOS, visionOS, and watchOS also received updates. Users are urged to update their devices promptly. More details … Read more
June 11, 2024 at 09:52AM Apple released visionOS 1.2 to address numerous vulnerabilities, with the standout CVE-2024-27812 specific to the Vision Pro headset. The update also prompted new security advisories for iOS, macOS, and other products, consolidating CVEs. The vulnerabilities could lead to code execution, information disclosure, and DoS, with the acknowledged researcher considering it … Read more
June 7, 2024 at 06:18AM Apple has announced that its latest iPhones will receive security updates for at least five years to comply with new UK government regulations. The regulations include unique passwords, reporting security issues, and a minimum security update period. However, Google and Samsung have committed to seven years of security updates, resulting … Read more
June 3, 2024 at 05:46PM The European Union’s Digital Markets Act allowed sideloading on iOS devices in Europe, prompting concerns about security. Apple’s notarization process and real-time monitoring aim to mitigate these risks, distinguishing it from Android’s open approach. Nonetheless, Apple’s notarization may not prevent all malicious apps, and the extent of sideloading’s impact on … Read more
May 14, 2024 at 11:59AM Apple released security updates to address the CVE-2024-27834 zero-day vulnerability in Safari. The flaw was exploited during Pwn2Own Vancouver, earning the discoverer $60,000. The update is available for macOS Monterey and macOS Ventura, with instructions to update Safari separately from the operating system. Pwn2Own Vancouver 2024 resulted in $1,132,500 in … Read more