apple
Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks
Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. The vulnerability is tracked as CVE-2025-24201 and was found in the WebKit cross-platform web browser engine used by Apple’s Safari web browser and many other apps and web browsers on macOS, iOS, Linux, and Windows. […]
Apple pulls iCloud end-to-end encryption feature in the UK
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data. As Apple told GeekFeed on Friday, the optional Advanced Data Protection (ADP) feature introduced in December 2022 will no longer be available for new users in the U.K. starting today. This decision follows a secret […]
Microsoft spots XCSSET macOS malware variant used for crypto theft
A new variant of the XCSSET macOS modular malware has emerged in attacks that target users’ sensitive information, including digital wallets and data from the legitimate Notes app. The malware is typically distributed through infected Xcode projects. It has been around for at least five years and each update represents a milestone in XCSSET’s development. The current […]
Apple fixes zero-day exploited in ‘extremely sophisticated’ attacks
Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and “extremely sophisticated” attacks. “A physical attack may disable USB Restricted Mode on a locked device,” the company revealed in an advisory targeting iPhone and iPad users. “Apple is aware of a report that this issue may have […]
First Apple-notarized porn app available to iPhone users in Europe
The first Apple-notarized porn app, “Hot Tub,” is now available to iPhone users in Europe through the alternative app marketplace, AltStore PAL. Apple does not allow pornographic or adult content apps on the official Apple App Store. However, to comply with the EU’s Digital Markets Act (DMA), Apple is now required as a “gatekeeper” to allow […]
New Apple CPU side-channel attacks steal data from browsers
A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. The Georgia Institute of Technology and Ruhr University Bochum researchers, who presented another attack dubbed ‘iLeakage’ in October 2023, presented their new findings in two separate papers, namely FLOP and SLAP, which show distinct flaws […]
Apple fixes this year’s first actively exploited zero-day bug
Apple has released security updates to fix this year’s first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. The zero-day fixed today is tracked as CVE-2025-24085 [iOS/iPadOS, macOS, tvOS, watchOS, visionOS] and is a privilege escalation security flaw in Apple’s Core Media framework. “A malicious application may be able to elevate privileges. Apple is aware of a report […]
Microsoft: macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. System Integrity Protection (SIP), or ‘rootless,’ is a macOS security feature that prevents malicious software from altering specific folders and files by limiting the root user account’s powers in protected […]
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. With so much of our daily activities done from our mobile devices, whether paying bills, shopping, or communicating with friends and colleagues, threat actors increasingly conduct smishing (SMS phishing) attacks against mobile […]
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. Banshee is an information stealer focused on macOS systems. It emerged in mid-2024 as a stealer-as-a-service available to cybercriminals for $3,000. Its source code was leaked on the XSS forums […]