A security flaw named LeftoverLocals lets attackers access data that has been processed in a device's GPU, and while Apple says A17 iPhone and M3 Macs have fixes, older models do not.
After a public disclosure in December, Apple has issued a firmware update for the Magic Keyboard to block a security flaw that allowed an attacker to enter keystrokes through a cloned keyboard connection.
China's claim to have cracked AirDrop to get iPhone users' details has been backed up by security researchers who have been warning Apple for years.
India is targeting Apple with investigations and governmental pressure after the company revealed the country's use of Pegasus spyware against journalists and opposition parties.
Security experts have disclosed an astonishing four-year campaign of iPhone hacking targeting the Russian security company Kaspersky, which has been labeled "the most sophisticated exploit ever."
If a thief can steal an iPhone and passcode, they can lock the user out of their Apple ID and wreak havoc within seconds, but Apple's Stolen Device Protection feature coming in iOS 17.3 will stop that from happening.
A year after claiming user privacy breaches were at an historic high, Apple's new report says they're now risen 20% more in the US alone.
Apple has updated iOS, iPadOS, and macOS Sonoma with new updates that fix two actively exploited WebKit bugs that could leak personal data to attackers.
Apple users could be affected by newly discovered Bluetooth flaws, allowing attackers to impersonate devices — even those with the newest version of Bluetooth.
North Korea is becoming more of an online threat, with its hackers conducting multiple campaigns and frequently targeting macOS.
The United States, United Kingdom, and 16 other countries want to keep the development of AI systems secure, but a framework issued by the group offers common sense recommendations, and lacks firm action points.
A profile covering Apple's Paris-based efforts to break its own security shows the lengths the iPhone maker will go to prevent tools like Pegasus from accessing vulnerable users' data.
Nothing and Sunbird pulled the shockingly insecure iMessage bridge, but only after it was discovered that not only did Sunbird log and retain messages, vCards, and more, but that retained user data could also be downloaded by others.
Despite the Nothing company co-founder claiming that its chat service that bridges iMessage would be end-to-end encrypted, the source code appears to reveal quite the opposite.
Jamf Threat Labs has discovered a new malware strain that appears to be connected to BlueNoroff, a group that often attacks businesses in the financial sector.
Using unique and strong passwords for every website is a must for internet security. Too few people know how to do this, and that's where the best password managers come in and can make online life easier.
Apple introduced a feature that would hide a user's permanent MAC address in 2020, but it's been virtually useless until iOS 17.1 thanks to a now patched vulnerability.
Spectre can't stay dead despite numerous attempts by Apple to patch it, with iLeakage the latest attack vector to utilize speculative execution demonstrated by researchers.
PostScript, the venerable page description language dating back to Macs in the '80s, has finally hit the end of the road in macOS Sonoma.
Malware called "MetaStealer" is being used by hackers to attack businesses and to steal data from Intel-based Macs, with techniques including posing as legitimate app installers.
{{ summary }}
William Gallagher
Mike Wuerthele
Andrew Orr
Wesley Hilliard
Malcolm Owen
Charles Martin
Peter Cohen
