Tag: apple
-
Apple made strides with iOS 26 security, but leaked hacking tools still leave millions exposed to spyware attacks
Leaked hacking tools threaten the security of millions of older iPhones. Cybersecurity experts weigh in. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/26/apple-made-strides-with-ios-26-security-but-leaked-hacking-tools-still-leave-millions-exposed-to-spyware-attacks/
-
Apple rolls out age verification to UK iPhone users
The age filters will be turned on by default, meaning that all users, including adults, will have to prove their age via credit card and other payment methods on file or by submitting an ID to be scanned. First seen on therecord.media Jump to article: therecord.media/apple-rolls-out-age-verification-uk-iphone-users
-
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky.”When Coruna was first reported, the public evidence wasn’t sufficient to link…
-
Enterprise PCs are unreliable, unpatched, and unloved compared to Macs
Omnissa telemetry suggests business buyers are loving Apple and Google First seen on theregister.com Jump to article: www.theregister.com/2026/03/25/omnissa_digital_workspace_report/
-
Predator – Spyware kann Apple-Geräte über Kamera und Mikro ausspionieren
First seen on security-insider.de Jump to article: www.security-insider.de/predator-spyware-deaktiviert-iphone-aufnahmeindikatoren-a-31f027ed8d5e7001b679d4a7fbd88d55/
-
FriendlyDealer mimics official app stores to push unvetted gambling apps
Think you’re downloading from Google or Apple? 1,500+ fake app store sites look like the real thing, but push unvetted, cloned web-based casino apps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/friendlydealer-mimics-official-app-stores-to-push-unvetted-gambling-apps/
-
MioLab MacOS Stealer Expands With ClickFix, Wallet Theft, Team APIs
As Apple’s macOS footprint grows in both consumer and enterprise environments, dedicated infostealers like MioLab (aka Nova) show that Macs are no longer a niche target but a priority for cybercrime ecosystems. Marketed as a premium Malware”‘as”‘a”‘Service (MaaS) on Russian”‘language forums, MioLab combines an evasive macOS binary with a mature web panel, new ClickFix delivery…
-
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
Tags: advisory, apple, cisa, cyber, cybersecurity, exploit, flaw, infrastructure, kev, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple ecosystem. Officially added to the Known Exploited Vulnerabilities (KEV) catalog on March 20, 2026, these bugs are actively being abused in the wild. Attackers are stringing these specific flaws together to deploy a highly sophisticated…
-
U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CISA added the three…
-
Apple schließt kritische Webkit-Lücke: Wie du das versteckte Sicherheitsupdate findest
Tags: appleFirst seen on t3n.de Jump to article: t3n.de/news/apple-sicherheitsupdate-besonders-1734778/
-
CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws impacting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) catalog, urging federal agencies to patch them by April 3, 2026.The vulnerabilities that have come under exploitation are listed below -CVE-2025-31277 (CVSS score: 8.8) – A vulnerability in…
-
TDL 018 – How To Think, Not What To Think – Mitch Prior
Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trustThe Human Algorithm in a Zero-Trust World In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018″, the early days of Zero Trust”, the duo explores why the “why” behind technical…
-
Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme
Fake “trusted sender” labels can mislead users, as scammers embed them into email bodies to disguise phishing emails and create a false sense of security. The post Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme
Apple Mail’s “trusted sender” label can mislead users, as scammers exploit it to disguise phishing emails and create a false sense of security. The post Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
Man pleads guilty to $8 million AI-generated music scheme
Michael Smith, 54, admitted to inflating streaming numbers for hundreds of thousands of AI-generated songs by deploying thousands of fake accounts across major platforms, including Amazon Music, Apple Music, Spotify and YouTube Music. First seen on therecord.media Jump to article: therecord.media/man-pleads-guilty-8-million-ai-music-scheme
-
Apple urges iPhone users to update as Coruna and DarkSword exploit kits emerge
Apple warns that outdated iPhones are vulnerable to Coruna and DarkSword exploit kits and urges users to update iOS. Apple has warned that iPhones running outdated iOS versions are at risk from exploit kits like Coruna and DarkSword. These attacks use malicious web content to trigger infection chains that can steal sensitive data. Users are…
-
Musician admits to $10M streaming royalty fraud using AI bots
North Carolina musician Michael Smith has pleaded guilty to collecting over $10 million in royalty payments through a massive streaming royalty fraud scheme on Spotify, Apple Music, Amazon Music, and YouTube Music. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/musician-pleads-guilty-to-10m-streaming-fraud-powered-by-ai-bots/
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users who are still running an outdated version of iOS to update their iPhones to secure against web-based attacks carried out via powerful exploit kits like Coruna and DarkSword.These attacks employ malicious web content to target out-of-date versions of iOS, triggering an infection chain that leads to the theft of sensitive data.”For…
-
New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit
Researchers uncover “DarkSword,” a powerful iPhone exploit targeting millions via compromised websites. Learn how it works and how to protect your device. The post New Apple Hack: Up to 270M iPhones Vulnerable to ‘DarkSword’ Exploit appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-darksword-iphone-exploit-ios-vulnerability/
-
Apple Patches WebKit Vulnerability CVE-2026-20643 Across iOS, macOS
Apple has released a new security update to address a critical WebKit vulnerability tracked as CVE-2026-20643. The vulnerability was identified as a cross-origin issue within the Navigation API of WebKit, the browser engine that underpins Safari and other web-based functionality across iOS, iPadOS, and macOS. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/webkit-vulnerability-fixed-in-apple-update/
-
Apple issues first Background patch for WebKit browser flaw
Apple’s first ever Background Security Update fixes a WebKit browser engine bug that could enable threat actors to see and steal important data from their victims First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640323/Apple-issues-first-Background-patch-for-WebKit-browser-flaw
-
DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover
A new exploit kit for Apple iOS devices designed to steal sensitive data from is being wielded by multiple threat actors since at least November 2025, according to reports from Google Threat Intelligence Group (GTIG), iVerify, and Lookout.According to GTIG, multiple commercial surveillance vendors and suspected state-sponsored actors have utilized the full-chain exploit kit, codenamed…
-
Big moves in Linux filesystems as new bcachefs lands and KDE adds support for Apple’s APFS
Linux still can’t mount or read APFS volumes by default … but that’s about to change First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/bcachefs_and_apfs_news/
-
New iOS Exploit Uses Advanced iPhone Hacking Tools to Steal Personal Data
Google Threat Intelligence Group (GTIG) has uncovered a highly sophisticated iOS full-chain exploit dubbed DarkSword. Active since November 2025, this exploit leverages multiple zero-day vulnerabilities to compromise Apple devices running iOS 18.4 through 18.7 fully. DarkSword is highly unusual because it relies entirely on JavaScript throughout its exploit chain, thereby mitigating the need for a…
-
Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID
In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg – involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to you, can you be sure you’re immune? First…
-
Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac
Apple launches Background Security Improvements to fix vulnerabilities in real time, starting with a WebKit flaw affecting Safari on iPhone, iPad, and Mac. The post Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-background-security-improvements-webkit-fix/
-
Apple patches WebKit bug that could let sites access your data
Apple has released a Background Security Improvement that silently fixes a WebKit vulnerability (CVE-2026-20643). First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/apple-patches-webkit-bug-that-could-let-sites-access-your-data/
-
Apple WebKit Security Flaw Exposes iOS and macOS Users to Content-Based Bypass Attacks
Apple has released emergency security updates to address a critical WebKit vulnerability that currently exposes iPhone, iPad, and Mac users to sophisticated content-based bypass attacks. Delivered seamlessly via the Background Security Improvements mechanism on March 17, 2026, this targeted patch secures Apple devices against potential Same Origin Policy violations without requiring a full operating system…
-
Apple starts issuing lightweight security updates between software releases
Apple is delivering small security updates, called Background Security Improvements, starting with iOS 26.1, iPadOS 26.1, and macOS 26.1. Apple describes Background Security … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/18/apple-background-security-improvements-updates/