Tag: apple
-
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
Tags: apple, breach, computer, credentials, cyber, cybersecurity, data, data-breach, github, google, government, identity, Internet, leak, login, password, risk, serviceA staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even government services, has put billions of online accounts at unprecedented risk of account takeover, identity…
-
Scammers Insert Fake Support Numbers on Real Apple, Netflix, PayPal Pages
Cybercriminals are injecting fake support phone numbers onto official sites like Bank of America and Netflix. Learn how ‘search parameter injection’ scams work and protect yourself now. First seen on hackread.com Jump to article: hackread.com/scammers-fake-support-numbers-real-apple-netflix-paypal/
-
BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices.Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received…
-
U.S. CISA adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple products, and TP-Link routers flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: Last week, Apple confirmed that the now-patched…
-
CISA Alerts: iOS Zero”‘Click Flaw Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery and active exploitation of a critical zero-click vulnerability in Apple’s ecosystem, tracked as CVE-2025-43200. This flaw, now patched, enabled attackers to compromise iOS, iPadOS, macOS, watchOS, and visionOS devices without any user interaction, raising alarms across the cybersecurity and…
-
Do you trust Xi with your ‘private’ browsing data? Apple, Google stores still offer China-based VPNs, report says
Some trace back to an outfit under US export controls for alleged PLA links First seen on theregister.com Jump to article: www.theregister.com/2025/06/13/apple_google_chinabased_vpns/
-
Apple fixes zero-click exploit underpinning Paragon spyware attacks
Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent First seen on theregister.com Jump to article: www.theregister.com/2025/06/13/apple_fixes_zeroclick_exploit_underpinning/
-
Apple confirmed that Messages app flaw was actively exploited in the wild
Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw…
-
Apple encryption row: Does law enforcement need to use Technical Capability Notices?
History shows that law enforcement can bring successful prosecutions without the need for the Home Office to introduce ‘backdoors’ into end-to-end encryption First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625826/Apple-encryption-row-Does-law-enforcement-need-to-use-Technical-Capability-Notices
-
iPhone-Nutzer attackiert: Zero-Click-Lücke in iOS für Spyware-Attacken missbraucht
Forscher konnten Spyware-Angriffe auf eine gefährliche Sicherheitslücke in iOS zurückführen. Apple hat sie monatelang unter Verschluss gehalten. First seen on golem.de Jump to article: www.golem.de/news/iphone-nutzer-attackiert-zero-click-luecke-in-ios-fuer-spyware-attacken-missbraucht-2506-197105.html
-
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks.The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura…
-
WhatsApp Backs Apple Over Encryption Fight With UK
WhatsApp CEO Says UK Request Sets Dangerous Precedent. Instant messaging app WhatsApp is seeking to join Apple’s legal battle with the U.K. government over end-to-end encryption. Apple is challenging a Home Office order requiring the device maker to provide law enforcement with unencrypted copies of customer data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/whatsapp-backs-apple-over-encryption-fight-uk-a-28685
-
Coming to Apple OSes: A seamless, secure way to import and export passkeys
Apple OSes will soon transfer passkeys seamlessly and securely across platforms. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/06/apple-previews-new-import-export-feature-to-make-passkeys-more-interoperable/
-
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon’s Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/graphite-spyware-used-in-apple-ios-zero-click-attacks-on-journalists/
-
Apple fixes new iPhone zero-day bug used in Paragon spyware hacks
The iPhone maker quietly updated a February security advisory to publicize a flaw that was used to hack at least two journalists in Europe. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/
-
Paragon spyware activity found on more journalists’ devices
Two European journalists were among the people recently notified by Apple that they had been targeted with spyware by Paragon, according to a report from the Citizen Lab, with one device showing signs of a full infection. First seen on therecord.media Jump to article: therecord.media/paragon-graphite-spyware-journalists-apple-devices-citizen-lab
-
Government using national security as ‘smokescreen’ in Apple encryption row
Senior conservative MP David Davis says the Home Office should disclose how many secret orders it has issued against telecoms and internet companies to Parliament First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625724/Government-using-national-security-as-smokescreen-in-Apple-encryption-row
-
WhatsApp moves to join Apple’s encryption fight with UK government
Apple could have a new ally in its fight with the British government over whether it can be forced to retain access to the content of people’s iCloud accounts in order to comply with legal warrants. First seen on therecord.media Jump to article: therecord.media/whatsapp-uk-encryption-fight-apple
-
Apple Intelligence Is Gambling on Privacy as a Killer Feature
Many new Apple Intelligence features happen on your device rather than in the cloud. While it may not be flashy, the privacy-centric approach could be a competitive advantage. First seen on wired.com Jump to article: www.wired.com/story/apple-intelligence-is-gambling-on-privacy-as-a-killer-feature/
-
Apple tries to contain itself with lightweight Linux VMs for macOS
Swift-based containerization framework aims to improve performance and security First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/apple_tries_to_contain_itself/
-
US lawmakers say UK has ‘gone too far’ by attacking Apple’s encryption
US politicians are calling for Congress to rewrite the US Cloud Act to prevent the UK issuing orders to require US tech companies to introduce ‘backdoors’ in end-to-end encrypted messaging and storage First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625614/US-lawmakers-say-UK-has-gone-too-far-by-attacking-Apples-encryption
-
The Mystery of iPhone Crashes That Apple Denies Are Linked to Chinese Hacking
Plus: A 22-year-old former intern gets put in charge of a key anti-terrorism program, threat intelligence firms finally wrangle their confusing names for hacker groups, and more. First seen on wired.com Jump to article: www.wired.com/story/mystery-of-iphone-crashes-that-apple-denies-are-linked-to-chinese-hacking/
-
UK backdoor order to Apple raises bipartisan concerns
U.S. officials fear that gaps in existing law may enable countries to target U.S. companies with data access requests that harm user privacy and security. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366625473/UK-backdoor-order-to-Apple-raises-bipartisan-concerns
-
Debatte in Großbritannien: Gestohlene Smartphones sollen Cloudzugang verlieren
Abgeordnete in Großbritannien werfen Apple und Google vor, von Telefondiebstählen zu profitieren und eine einfache Gegenmaßnahme zu blockieren. First seen on golem.de Jump to article: www.golem.de/news/debatte-in-grossbritannien-gestohlene-smartphones-sollen-cloudzugang-verlieren-2506-196842.html
-
Apple Appeals DMA, Says EU Has ‘Deeply Flawed Rules’ That ‘Stifle Innovation’
Apple is appealing EU demands to open iOS to third-party devices, arguing interoperability threatens privacy, security, and user experience. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-appeals-dma-eu-interoperability/
-
Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads
A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified in the iOS Activation Backend at the endpoint humb.apple.com/humbug/baa, allows attackers to inject unauthenticated XML .plist payloads without any form of sender verification or signature validation. Tested on the latest…
-
Apple Safari exposes users to fullscreen browserthe-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-safari-exposes-users-to-fullscreen-browser-in-the-middle-attacks/
-
Microsoft Authenticator Phases Out Password Features and Apple Watch Support
Microsoft is phasing out password features in Authenticator. Transition to Edge for autofill and explore passwordless authentication. Learn more! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/microsoft-authenticator-phases-out-password-features-and-apple-watch-support/