'iOS security is f**ked' says exploit broker Zerodium: Prices crash for taking a bite out of Apple's core tech

On Wednesday, the software exploit broker said it won't pay anything for some iOS bugs due to an oversupply.
Apple's iOS 13 has been particularly buggy, enough that SVP of software engineering Craig Federighi reportedly overhauled the company's internal software testing process to avoid a repeat when iOS 14 arrives later this year.
The market for iOS vulnerabilities took a hit last September when Zerodium said for the first time that it would pay more for flaws in Android than in iOS. That was a month after Google's Project Zero disclosed five privilege escalation exploit chains affecting iOS versions 10-12.
Asked whether Zerodium's statement reflects the actual state of iOS security or should be taken as a company just trying to make waves, Patrick Wardle, principal security researcher at Jamf Security and founder of Objective-See, told The Register that it's probably a bit of both.
"To iOS security researchers/hackers, it's unlikely that Zerodium's statement comes as a surprise," he said.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/05/14/zerodium_ios_flaws/