Tag: apple

Apple doubles maximum bug bounty to $2M for zero-click RCEs

Oct 11, 2025 5:24 AM

Tags: apple, bug-bounty, exploit, rce, remote-code-execution

Apple raised bug bounties to $2M for zero-click RCEs, doubling payouts. Since 2020, it’s paid $35M to 800 researchers. Apple doubled its bug bounty rewards, now offering up to $2 million for zero-click remote code execution flaws. Since 2020, the tech giant has paid $35M to 800 researchers. Apple aims to pay exploit chains comparable…
Apple bumps RCE bug bounties to $2M to counter commercial spyware vendors

Oct 10, 2025 10:24 PM

Tags: access, apple, attack, bug-bounty, control, exploit, flaw, iphone, rce, remote-code-execution, risk, software, spyware

Higher difficulty means higher rewards: The culmination of that work is what Apple now calls Memory Integrity Enforcement (MIE) and is a feature of its new A19 and A19 Pro chips found in its iPhone 17 and iPhone Air lineup. MIE is leveraged in iOS to protect the entire kernel and over 70 userland processes,…
Apple now offers $2 million for zero-click RCE vulnerabilities

Oct 10, 2025 7:24 PM

Tags: apple, bug-bounty, rce, remote-code-execution, vulnerability

Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apple-now-offers-2-million-for-zero-click-rce-vulnerabilities/
Sicherheitslücken finden: Apple schreibt zwei Millionen Dollar an Bug-Bounties aus

Oct 10, 2025 5:23 PM

Tags: apple

Insgesamt hat Apple laut eigenen Aussagen bereits mehr als 800 Bug-Bounties ausgezahlt – jeweils im Wert von fast 40.000 Euro. First seen on golem.de Jump to article: www.golem.de/news/sicherheitsluecken-finden-apple-schreibt-zwei-millionen-dollar-an-bug-bounties-aus-2510-201050.html
Apple offers $2 million for zero-click exploit chains

Oct 10, 2025 4:23 PM

Tags: apple, bug-bounty, exploit

Apple bug bounty program’s categories are expanding and rewards are rising, and zero-click exploit chains may now earn researchers up to $2 million. >>Our bonus … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/10/apple-bug-bounty-rewards-zero-click/
Apple offers $2 million for zero-click exploit chains

Oct 10, 2025 4:23 PM

Tags: apple, bug-bounty, exploit

Apple bug bounty program’s categories are expanding and rewards are rising, and zero-click exploit chains may now earn researchers up to $2 million. >>Our bonus … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/10/apple-bug-bounty-rewards-zero-click/
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

Oct 10, 2025 12:23 PM

Tags: apple, bug-bounty, exploit, iphone, spyware

With the mercenary spyware industry booming, Apple VP Ivan KrstiÄ‡ tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million. First seen on wired.com Jump to article: www.wired.com/story/apple-announces-2-million-bug-bounty-reward/
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

Oct 10, 2025 12:23 PM

Tags: apple, bug-bounty, exploit, iphone, spyware

With the mercenary spyware industry booming, Apple VP Ivan KrstiÄ‡ tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million. First seen on wired.com Jump to article: www.wired.com/story/apple-announces-2-million-bug-bounty-reward/
Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

Oct 10, 2025 12:23 PM

Tags: apple, bug-bounty, exploit, iphone, spyware

With the mercenary spyware industry booming, Apple VP Ivan KrstiÄ‡ tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million. First seen on wired.com Jump to article: www.wired.com/story/apple-announces-2-million-bug-bounty-reward/
Apple Took Down These ICE-Tracking Apps. The Developers Aren’t Giving Up

Oct 9, 2025 8:24 PM

Tags: apple

“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store. First seen on wired.com Jump to article: www.wired.com/story/apple-took-down-ice-tracking-apps-their-developers-arent-giving-up/
ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More

Oct 9, 2025 4:23 PM

Tags: ai, apple, attack, breach, cloud, crypto, cyber, exploit, mfa, risk, social-engineering, threat

Cyber threats are evolving faster than ever. Attackers now combine social engineering, AI-driven manipulation, and cloud exploitation to breach targets once considered secure. From communication platforms to connected devices, every system that enhances convenience also expands the attack surface.This edition of ThreatsDay Bulletin explores these converging risks and the safeguards that help First seen on…
MacBook Pro mit M5-Chip: Apples neuer Laptop könnte schon im Oktober kommen

Oct 9, 2025 11:23 AM

Tags: apple

First seen on t3n.de Jump to article: t3n.de/news/macbook-pro-mit-m5-chip-apples-neuer-laptop-koennte-schon-im-oktober-kommen-1711231/
Scattered Spider Moves from Data Leaks to Insider-Powered Access Markets Targeting Microsoft, Apple, and More

Oct 7, 2025 10:35 AM

Tags: access, apple, data, group, leak, microsoft, network, ransomware, service, strategy, threat

Scattered Spider has shifted its operational strategy, moving away from chaotic data leaks toward a more structured and professional model of cybercrime. Now functioning as a hybrid of Ransomware-as-a-Service (RaaS) and insider threat operations, the group is building a network of internal collaborators within some of the world’s largest tech and telecom companies, including Microsoft…
Leaked Apple iPad Pro M5 benchmark shows massive improvements

Oct 5, 2025 12:35 AM

Tags: apple, data-breach

A new leaked benchmark shows Apple’s alleged M5 chip on an iPad, and it’s almost as fast as a desktop CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/leaked-apple-ipad-pro-m5-benchmark-shows-massive-improvements/
Leaked Apple iPad Pro M5 benchmark shows it’s faster than some laptop CPUs

Oct 4, 2025 11:35 PM

Tags: apple, data-breach

A new leaked benchmark shows Apple’s alleged M5 chip on an iPad, and it’s almost as fast as a desktop CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/leaked-apple-ipad-pro-m5-benchmark-shows-its-faster-than-some-laptop-cpus/
Leaked Apple iPad Pro M5 benchmark shows it’s faster than some laptop CPUs

Oct 4, 2025 11:35 PM

Tags: apple, data-breach

A new leaked benchmark shows Apple’s alleged M5 chip on an iPad, and it’s almost as fast as a desktop CPU. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/leaked-apple-ipad-pro-m5-benchmark-shows-its-faster-than-some-laptop-cpus/
Apple and Google Pull ICE-Tracking Apps, Bowing to DOJ Pressure

Oct 4, 2025 1:35 PM

Tags: apple, china, google, russia, scam

Plus: China sentences scam bosses to death, Europe is ramping up its plans to build a “drone wall” to protect against Russian airspace violations, and more. First seen on wired.com Jump to article: www.wired.com/story/apple-and-google-pull-ice-tracking-apps-bowing-to-doj-pressure/
Apple and Google Pull ICE-Tracking Apps, Bowing to DOJ Pressure

Oct 4, 2025 1:35 PM

Tags: apple, china, google, russia, scam

Plus: China sentences scam bosses to death, Europe is ramping up its plans to build a “drone wall” to protect against Russian airspace violations, and more. First seen on wired.com Jump to article: www.wired.com/story/apple-and-google-pull-ice-tracking-apps-bowing-to-doj-pressure/
Apple and Google Pull ICE-Tracking Apps, Bowing to DOJ Pressure

Oct 4, 2025 1:35 PM

Tags: apple, china, google, russia, scam

Plus: China sentences scam bosses to death, Europe is ramping up its plans to build a “drone wall” to protect against Russian airspace violations, and more. First seen on wired.com Jump to article: www.wired.com/story/apple-and-google-pull-ice-tracking-apps-bowing-to-doj-pressure/
Apple strengthens storage flexibility with new disk image formats

Oct 3, 2025 7:41 AM

Tags: apple, macOS

Apple’s release of macOS 26 Tahoe introduced a new disk image format and updated an older one, both of which are drawing attention from system testers and forensic examiners. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/03/apple-disk-image-format/
Hohes Sicherheitsrisiko: BSI warnt vor kritischer Lücke in Apples iOS, iPadOS und macOS

Oct 3, 2025 7:41 AM

Tags: apple, bsi, macOS

First seen on t3n.de Jump to article: t3n.de/news/sicherheitsrisiko-bsi-luecke-apples-ios-ipados-macos-1710284/
Großbritannien drängt weiter auf Backdoor für die iCloud

Oct 2, 2025 1:41 PM

Tags: access, apple, backdoor

Apple soll den Zugriff auf verschlüsselte iCloud-Daten britischer Bürger ermöglichen. Die Backdoor könnte bei allen Nutzern missbraucht werden. First seen on golem.de Jump to article: www.golem.de/news/apple-grossbritannien-draengt-weiter-auf-backdoor-fuer-die-icloud-2510-200749.html
Home Office issues new ‘backdoor’ order over Apple encryption

Oct 2, 2025 11:41 AM

Tags: access, apple, backdoor, data, encryption, office, service

A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632159/Home-Office-issues-new-back-door-order-over-Apple-encryption
Home Office issues new ‘back door’ order over Apple encryption

Oct 2, 2025 1:41 AM

Tags: access, apple, cloud, data, encryption, office

New Home Office Technical Capability Notice (TCN) requires Apple to provide access to encrypted data and messages of British users stored on Apple’s cloud service. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632159/Home-Office-issues-new-back-door-order-over-Apple-encryption
Apple’s first iOS 26 security update fixes memory corruption flaw

Sep 30, 2025 7:09 PM

Tags: apple, flaw, iphone, mobile, update, vulnerability

Apple issues an update for its brand new iOS 26 mobile operating system, fixing a potentially dangerous vulnerability affecting iPhones, iPads and other Mac devices First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632180/Apples-first-iOS-26-security-update-fixes-memory-corruption-flaw
New Smish: New York Department of Revenue

Sep 30, 2025 4:08 PM

Tags: access, android, apple, authentication, breach, browser, china, chrome, credit-card, data, dns, group, iphone, mobile, nfc, phishing, phone, scam, software, spam, strategy, usa, windows

As I was visiting SmishTank to report the most recent SMish that I had received (an iMessage from a +27 South African telephone number claiming to be from ParkMobile) I noticed there had been many recent submissions from the New York Department of Revenue. SmishTank is operated by Professor Muhammad Lutfor Rahman, a colleague of mine…
Apple Security Update Addresses Critical Font Parser Vulnerability Across Multiple Platforms

Sep 30, 2025 4:08 PM

Tags: apple, macOS, update, vulnerability

Apple has rolled out a series of important security updates across multiple platforms, addressing a vulnerability affecting the system font parser. These Apple security updates cover iOS, iPadOS, macOS, visionOS, watchOS, and tvOS. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apple-security-updates/
Apple Font Parser Vulnerability Allowing Memory Corruption Attacks

Sep 30, 2025 10:10 AM

Tags: apple, attack, cyber, exploit, flaw, macOS, update, vulnerability

Apple has released a security update for macOS Sequoia 15.7.1 to address a serious vulnerability in its font parser. The flaw, tracked as CVE-2025-43400, allows a maliciously crafted font file to trigger an out-of-bounds write. Exploitation could cause unexpected application crashes or corrupt process memory on affected systems. Apple patched this issue on September 29, 2025, as…
WhatsApp 0-Click Flaw Abused via Malicious DNG Image File

Sep 29, 2025 3:08 PM

Tags: apple, attack, cve, cyber, exploit, flaw, macOS, malicious, remote-code-execution

A newly discoveredzero-click remote code execution (RCE)vulnerability in WhatsApp is putting millions of Apple users at risk. Researchers from DarkNavyOrg have demonstrated a proof-of-concept (PoC) exploit that leverages two distinct flaws to compromise iOS, macOS, and iPadOS devices without any user interaction. The attack chain begins with CVE-2025-55177, a critical logic error in WhatsApp’s message…
Google Project Zero Exposes ASLR Bypass Vulnerability in Apple’s Serialization Framework

Sep 29, 2025 1:08 PM

Tags: apple, exploit, framework, google, vulnerability

Google Project Zero has revealed a new technique capable of bypassing Address Space Layout Randomization (ASLR) protections on Apple devices. The finding, published by security researcher Jann Horn, stresses a novel way attackers could exploit deterministic behaviors in Apple’s serialization framework, specifically within First seen on thecyberexpress.com Jump to article: thecyberexpress.com/project-zero-exposes-aslr-bypass/