Apple

A critical security vulnerability in Apple's XNU kernel has been disclosed. It allows local attackers to escalate privileges and potentially execute arbitrary code with kernel-level access.  The flaw, identified as CVE-2025-31219, represents a significant security...

Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone. The vulnerabilities, identified in the CoreAudio and...

Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 that have been actively exploited in sophisticated attacks.  These vulnerabilities affect a wide range of Apple devices, including iPhones,...

Apple has announced it will implement end-to-end encryption (E2EE) for Rich Communication Services (RCS) messaging on iPhones, significantly enhancing security for cross-platform communications between iOS and Android users.  The announcement comes as the GSM Association...

Apple has released emergency security updates addressing a critical zero-day vulnerability in its WebKit browser engine, identified as CVE-2025-24201, which has been actively exploited in targeted attacks. The flaw, described as an out-of-bounds write...

Advanced threat actors increasingly leverage x86-64 binaries and Apple’s Rosetta 2 translation technology to bypass execution policies and deploy malware on Apple Silicon devices. The technique exploits architectural differences between Intel and ARM64 processors while...

The exponential growth of government data requests to technology giants has transformed Silicon Valley into the backbone of modern surveillance infrastructure. Between 2014 and 2024, Apple, Google, and Meta collectively disclosed data from 3.16 million...

Apple has taken the unprecedented step of disabling its Advanced Data Protection (ADP) feature for UK users after the British government invoked surveillance laws to demand access to encrypted iCloud data.  The move, effective on...

Recent advances in cybercrime strategies are reviving the carding sector, with threat actors leveraging stolen credit card data to create fraudulent Apple Pay and Google Wallet accounts.  Dubbed "Ghost Tap," this new attack methodology uses...

Security researchers from Korea University have unveiled a new vulnerability in macOS systems running on Apple Silicon processors.  Dubbed "SysBumps," this attack successfully circumvents Kernel Address Space Layout Randomization (KASLR), a critical security mechanism designed...