Security News

Apple will reportedly unveil a standalone password manager named 'Passwords' as part of iOS 18, iPadOS 18, and macOS 15 during the upcoming Apple Worldwide Developers Conference. According to sources speaking to Bloomberg, the app will be powered by Apple's iCloud Keychain, the current built-in password management system for macOS and iOS. While Keychain is a full-fledged password management tool that allows you to generate and store passwords for accounts you log in to and sync them between devices, it is hidden away in the settings, making it a bit cumbersome.

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks. Apple has yet to disclose who disclosed the zero-day or whether it was discovered internally, and it has provided no information on the nature of the attacks exploiting it in the wild.

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks. Today, Apple backported the March security updates to address this security flaw on iOS 16.7.8, iPadOS 16.7.8, and macOS Ventura 13.6.7 with improved input validation.

With numerous VPN options available for iPhone users, choosing the right app can be a challenge. To help simplify the selection process, we have curated a list of the best VPNs for iPhone users.

Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest...

Apple sent a threat notification to iPhone users in 92 countries on April 10 informing them that their device was "Being targeted by a mercenary spyware attack." The alert, sent at 12:00 p.m. Pacific Time, told recipients that the attackers were attempting to "Remotely compromise" their phone and that they were likely being targeted specifically "Because of who you are or what you do." Apple's notification did not identify the alleged attackers, nor did it specify the locations of its recipients. iPhone users who have received the mercenary spyware attack alert should enlist expert cybersecurity help, Apple stated on its dedicated support page.

Apple has been notifying iPhone users in 92 countries about a "Mercenary spyware attack" attempting to remotely compromise their device. "Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID -xxx-," reads the notification.

One thing that makes the service stand out is that it approaches the targets using the Rich Communication Services protocol for Google Messages and iMessage instead of SMS for sending phishing messages. "The Darcula platform has been used for numerous high-profile phishing attacks over the last year, including messages received on both Apple and Android devices in the UK, as well as package scams impersonating United States Postal Service highlighted in numerous posts on Reddit's /r/phishing." - Netcraft.

Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited. Affecting RTKit, Apple's real-time operating system that runs on various devices like AirPods, Apple Watch, and more, its description closely mirrors that of CVE-2024-23225.

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. The company says it addressed the security flaws for devices running iOS 17.4, iPadOS 17.4, iOS 16.76, and iPad 16.7.6 with improved input validation.