Exploitable WebKit flaw still present in iOS and macOS despite available fix
Apple has not yet patched a WebKit vulnerability present in iOS and macOS despite a fix for the flaw being available for weeks.
Apple has not yet patched a WebKit vulnerability present in iOS and macOS despite a fix for the flaw being available for weeks.
A minor security vulnerability "baked into" Apple Silicon is giving a security researcher an avenue to poke fun at overly dramatic reveals and poor coverage of chip errata.
Apple in macOS Big Sur 11.4 patched a zero-day vulnerability that could allow attackers to secretly take screenshots or record video of a user's screen by hijacking existing app permissions.
Craig Federighi, Apple's head of software engineering, said that the Mac is not currently meeting the bar for customer security set by iOS and that the platform has an unacceptable level of malware.
BlackBerry's cybersecurity team has shared a new report that details how to emulate an ARM macOS kernel on Intel chips for Apple Silicon security research.
Apple has updated its Platform Security Guide, providing more information about how the Unlock with Apple Watch feature in iOS 14.5 and Touch ID on the iMac Magic Keyboard works.
In a major security and privacy lapse, for an hour on Monday morning, users of Eufy cameras discovered that cameras owned by other users were viewable in their app instead of their own, and settings could be changed by those granted bogus access as well.
If Apple loses its trial with Epic Games, it could be eventually forced into making radical changes to the App Store and how consumers spend money within its ecosystem. Here are the likeliest scenarios, and what Apple would have to do to satisfy a ruling.
Apple is researching ways to allow multiple users to benefit from Touch ID, or similar biometric systems, while keeping the protection of the current secure enclave.
Security researchers investigating the Find My network used by Apple's AirTags, have been able to piggyback on the system to send data that Apple can neither monitor nor, apparently, prevent.
A database used to operate an Amazon fake reviews scam has leaked in a data breach, with the data trove revealing personal data for at least 200,000 people.
Apple's AirTag can be hacked and its software modified, a security researcher has discovered, with an exploration of the microcontroller revealing elements can be reprogrammed to change what specific functions do.
A total of 128 million iOS users downloaded apps that were affected by the XcodeGhost malware in 2015, according to emails revealed during the Epic Games v. Apple trial.
Alongside iOS 14.5.1, Apple has issued a minor point update to macOS Big Sur 11.3, with both releases containing security fixes for two vulnerabilities that the company says may have been exploited in the wild.
Security researchers have found new versions of chip flaws affecting Intel and AMD processors that get around existing mitigations for Spectre attacks, resurrecting vulnerabilities that may affect Intel-based Macs.
Because of a crippling vulnerability, Cellebrite disabled the iPhone data extraction feature on its Physical Analyzer tool.
Apple in macOS Big Sur 11.3 fixed a bug that could have allowed attackers to bypass the Mac's security mechanisms with a malicious document.
Researchers have demonstrated a theoretical risk of AirDrop sharing an iPhone user's phone number and email address with strangers.
The CEO of secure messaging app Signal has hacked a phone unlocking device made by Cellebrite, revealing critical vulnerabilities that could be used against police investigators.
Schematics stolen from Apple supplier Quanta Computer by ransomware gang REvil seemingly confirm that MagSafe, an SD card slot, and HDMI will be coming to a future MacBook Pro.
{{ summary }}