Tag: apple
-
GarageBand: Böser Fehler kann zu Code-Ausführung führen
Die Mac-Version von Apples Gratis-DAW enthält eine Lücke, die sich offenbar durch Angreifer ausnutzen lässt. Ein Update liegt vor. First seen on heise.de Jump to article: www.heise.de/news/GarageBand-Boeser-Fehler-kann-zu-Code-Ausfuehrung-fuehren-10265857.html
-
Week in review: Apple 0-day used to target iPhones, DeepSeek’s popularity exploited by scammers
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple zero-day vulnerability exploited to target iPhone users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/02/week-in-review-apple-0-day-used-to-target-iphones-deepseeks-popularity-exploited-by-scammers/
-
Sicherheitslücke in vielen iPhones, iPads und Macs: Angreifer können private Browser-Daten stehlen so reagiert Apple
First seen on t3n.de Jump to article: t3n.de/news/sicherheitsluecke-iphones-ipads-macs-browser-daten-stehlen-apple-reaktion-1670654/
-
U.S. CISA adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog
Tags: apple, cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, update, vulnerability, zero-dayU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple products’ flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple Multiple Products Use-After-Free Vulnerability, tracked as CVE-2025-24085, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Apple released security updates to address 2025’s first zero-day vulnerability, tracked as CVE-2025-24085, actively exploited…
-
Apple Patches First Zero-Day Of 2025
First seen on scworld.com Jump to article: www.scworld.com/brief/apple-patches-first-zero-day-of-2025
-
Researchers Find New Side-Channel Attack Methods On Apple Chips
First seen on scworld.com Jump to article: www.scworld.com/brief/researchers-find-new-side-channel-attack-methods-on-apple-chips
-
Researchers uncover new side-channel attack methods on Apple chips
First seen on scworld.com Jump to article: www.scworld.com/brief/researchers-uncover-new-side-channel-attack-methods-on-apple-chips
-
Apple patches first actively exploited zero-day of 2025 on its devices
First seen on scworld.com Jump to article: www.scworld.com/news/apple-patches-first-actively-exploited-zero-day-of-2025-on-its-devices
-
SLAP/FLOP: Apple Silicon’s ‘Son of Spectre’ Critical Flaws
Watch this: Want more “speculative execution” bugs? You’re gonna be in a great mood all day. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/slap-flop-apple-silicon-richixbw/
-
New Apple SLAP FLOP Side-Channel Attacks Let Attackers Steal Login Details From Browser
Researchers from the Georgia Institute of Technology and Ruhr University Bochum have uncovered two novel speculative execution attacks, named SLAP (Speculative Data Attacks via Load Address Prediction) and FLOP (Breaking the Apple M3 CPU via False Load Output Predictions). These vulnerabilities impact Apple Silicon chips, exposing critical security risks in devices built on the M2/A15…
-
Zwei Sidechannel-Attacken auf Apples M-Prozessoren
Die schwerwiegenden Sicherheitslücken lassen sich für Angriffe auf Webbrowser aus der Ferne nutzen. Betroffen sind viele Mobil- und Desktop-Geräte von Apple. First seen on heise.de Jump to article: www.heise.de/news/Zwei-Sidechannel-Attacken-auf-Apples-M-Prozessoren-10260783.html
-
New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones
New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices. The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-slap-and-flop-cpu-attacks-expose-data-from-apple-computers-phones/
-
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and…
-
Apple Fixes Critical Cyber Threats, Including Actively Exploited Zero-Day
Apple has rolled out a series of software updates to patch several critical vulnerabilities, including a zero-day flaw that had been actively exploited in the wild. The Apple security updates fix various security issues, notably a use-after-free bug affecting the Core Media component of Apple’s operating systems, which could allow malicious applications to elevate privileges.…
-
Datenklau möglich: Neue CPU-Lücken gefährden iPhones, iPads und Macs
Zwei neue Angriffstechniken zielen auf Apple-Chips ab. Angreifer können aus der Ferne E-Mails, Zahlungsdaten und andere sensible Informationen abgreifen. First seen on golem.de Jump to article: www.golem.de/news/datenklau-moeglich-neue-cpu-luecken-gefaehrden-iphones-ipads-und-macs-2501-192834.html
-
SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon
It’s another cousin of Spectre, here to read your email, browsing history, and more First seen on theregister.com Jump to article: www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/
-
Apple chips can be hacked to leak secrets from Gmail, iCloud, and more
Side channel gives unauthenticated remote attackers access they should never have. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/newly-discovered-flaws-in-apple-chips-leak-secrets-in-safari-and-chrome/
-
Apple zero-day vulnerability under attack on iOS devices
Apple said the zero-day vulnerability, tracked as CVE-2025-24085, affects its Core Media framework and “may have been actively exploited against versions of iOS before iOS 17.2.” First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618572/Apple-zero-day-vulnerability-under-attack-on-iOS-devices
-
New Apple CPU side-channel attacks steal data from browsers
A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/
-
New Apple CPU side-channel attacks steals data from browsers
A team of security researchers has disclosed new side-channel vulnerabilities in modern Apple processors that could steal sensitive information from web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-apple-cpu-side-channel-attack-steals-data-from-browsers/
-
Apple’s latest patch closes zero-day affecting wide swath of products
The zero-day impacts Apple’s framework that manages audio and video playback. First seen on cyberscoop.com Jump to article: cyberscoop.com/apple-security-update-zero-day-january-2025/
-
Apple fixes zero-day flaw affecting all devices
The zero-day bug was fixed in iPhones, iPads, Macs, Apple TVs, Apple Watches and Vision Pro headsets. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/28/apple-fixes-zero-day-flaw-affecting-all-devices/
-
iPhone users targeted in Apple’s first zero-day exploit in 2025
Apple iPhone users were targeted for privilege escalation in the zero-day exploitation of a use-after-free vulnerability affecting Apple’s Core Media framework.”A malicious application may be able to elevate privileges,” Apple said in the security update description. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before…
-
Apple Patches First Exploited iOS Zero-Day of 2025
Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/apple-patches-first-exploited-ios-zero-day-of-2025/
-
Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)
Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/28/apple-zero-day-vulnerability-exploited-to-target-iphone-cve-2025-24085/
-
Apple Security Update Patch for iOS Zero-day, MacOS More
Apple has responded to a newly discovered zero-day vulnerability affecting its operating systems by releasing an array of security updates to protect users from potential exploitation. The updates span iOS, iPadOS, macOS, watchOS, tvOS, visionOS, and Safari, demonstrating Apple’s commitment to user security and privacy. Patch Details The updates, released on January 27, 2025, include…
-
DeepSeek hit by cyberattack and outage amid breakthrough success
Tags: access, ai, apple, attack, ceo, china, compliance, control, cyberattack, cybersecurity, data, detection, encryption, finance, GDPR, google, group, HIPAA, infrastructure, malicious, nvidia, open-source, risk, saas, service, startup, technology, threat, tool, training, vulnerabilityChinese AI startup DeepSeek said it was hit by a cyberattack, prompting the company to restrict user registrations and manage website outages as demand for its AI assistant soared.According to the company’s status page, DeepSeek has been investigating the issue since late evening Beijing time on Monday.”Due to large-scale malicious attacks on DeepSeek’s services, registration…
-
Apple plugs security hole in its iThings that’s already been exploited in iOS
Cupertino kicks off the year with a zero-day First seen on theregister.com Jump to article: www.theregister.com/2025/01/28/apple_cve_2025_24085/
-
iOS 18.3 Release: Apple gibt Update für iPhones & Co frei
Die jüngsten Updates für iPhones, iPads und Macs bringen überschaubare Neuerungen. Eine grundlegende Änderung gibt es bei Apple Intelligence. First seen on heise.de Jump to article: www.heise.de/news/iOS-18-3-Release-Apple-gibt-Update-fuer-iPhones-Co-frei-10258289.html