iOS update reveals a trio of now-patched security vulnerabilities
The recent releases of iOS 14.4 and iPadOS 14.4 fix three security loopholes that, according to Apple, may have been used in real-world attacks.
iMessage zero-click exploit weaponized to surveil journalists
Dozens of journalists at Al Jazeera reportedly fell victim to an eavesdropping campaign with a notorious iMessage interaction-less exploit at its core.
Apple enforces new rigid app privacy requirements
From now on, developers will have to be fair and square about their privacy practices when submitting new apps or updates to Apple’s App Store.
Long-standing Safari bug could fuel misinformation campaigns
The mobile version of Safari is susceptible to a link-sharing feature flaw that could be abused to spread fake news headlines on a large scale.
Here is why sharing your custom iPhone home screen is a bad idea
With the release of iOS 14, users can personalize the look and feel of their iPhone home screen, but this could be a source for security issues.
Apple patches a critical privilege escalation flaw in iOS and iPadOS
The latest iOS 14 and iPadOS 14 have arrived with fixes of multiple security vulnerabilities, one of which is categorized as a severe privilege escalation bug.
Apple Pay may soon get an extra security layer
Evidence suggests that iOS 14 will likely introduce a Wallet feature allowing users to complete in-store purchases via QR codes aside from NFC.
Apple is slow to patch a Safari flaw that leads to data theft
A security enthusiast has published details on a Safari vulnerability Apple was planning to fix only a year after acknowledging the reported bug.
Apple is stepping up app verification through new App Attest API
The DeviceCheck feature will get an overhaul in iOS 14, with the all-new App Attest API being added for more effective defenses against security threats.
Apple’s Secure Enclave is exposed to a new unpatchable exploit
Hackers claim to have discovered a flaw in several generations of the Secure Enclave chip that cannot be fixed because it’s exploitable at the hardware level.