All news with #apple tag
Thu, November 20, 2025
Amazon EC2 macOS Tahoe Now Available on Mac Instances
🖥️ Amazon Web Services now publishes Apple macOS Tahoe (v26) as Amazon Machine Images (AMIs) for EC2 Mac instances, enabling developers to build and test with Xcode 26 and the latest Apple platform SDKs. These AMIs run on Apple silicon EC2 Mac instances and are backed by Amazon Elastic Block Store (EBS) for stable, high-performance storage. Images include the AWS CLI, Command Line Tools for Xcode, Amazon SSM Agent, and Homebrew with the AWS Homebrew Tap. macOS Tahoe AMIs are available in all AWS regions that offer Apple silicon Mac instances and can be launched via the Console, CLI, or API.
Sun, November 9, 2025
Phishing texts impersonate Find My to steal Apple IDs
📱 The Swiss NCSC warns of smishing attacks that impersonate Apple's Find My team, telling owners their lost iPhone has been found to lure them to a fake login page. Messages can cite device details visible on the lock screen and use the displayed contact info to target victims. The counterfeit pages request the user's Apple ID and password, which attackers then use to remove Activation Lock. Users should enable Lost Mode, avoid unsolicited links, use a dedicated contact email, and protect their SIM with a PIN.
Thu, November 6, 2025
Leading Bug Bounty Programs and Market Shifts 2025
🔒 Bug bounty programs remain a core component of security testing in 2025, drawing external researchers to identify flaws across web, mobile, AI, and critical infrastructure. Leading platforms like Bugcrowd, HackerOne, Synack and vendors such as Apple, Google, Microsoft and OpenAI have broadened scopes and increased payouts. Firms now reward full exploit chains and emphasize human-led reconnaissance over purely automated scanning. Programs also support regulatory compliance in critical sectors.
Tue, November 4, 2025
Google AI 'Big Sleep' Finds Five WebKit Flaws in Safari
🔒 Google’s AI agent Big Sleep reported five vulnerabilities in Apple’s WebKit used by Safari, including a buffer overflow, two memory-corruption issues, an unspecified crash flaw, and a use-after-free (CVE-2025-43429 through CVE-2025-43434). Apple issued patches across iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, watchOS 26.1, visionOS 26.1 and Safari 26.1. Users are advised to install the updates promptly to mitigate crash and memory-corruption risks.
Mon, October 20, 2025
CISA Adds Five Exploited Bugs Including Oracle EBS SSRF
⚠️ CISA added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming CVE-2025-61884 — an SSRF in the Runtime component of Oracle E-Business Suite — is being weaponized in the wild. The agency warns CVE-2025-61884 is remotely exploitable without authentication and follows active exploitation of CVE-2025-61882, a critical RCE bug. The KEV update also includes high-severity issues in Microsoft Windows SMB Client, Kentico Xperience CMS, and Apple JavaScriptCore, and FCEB agencies must remediate them by November 10, 2025.
Mon, October 20, 2025
CISA Adds Five CVEs to Known Exploited Vulnerabilities
🚨 CISA added five vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog based on evidence of active exploitation: CVE-2022-48503 (Apple), CVE-2025-2746 and CVE-2025-2747 (Kentico Xperience Staging Sync Server), CVE-2025-33073 (Microsoft Windows SMB Client), and CVE-2025-61884 (Oracle E-Business Suite SSRF). These flaws include authentication bypasses, improper access control, and SSRF, which are frequent attack vectors and pose significant risks. Under BOD 22-01, Federal Civilian Executive Branch agencies must remediate identified KEV items by the required due dates; CISA strongly urges all organizations to prioritize timely remediation as part of their vulnerability management practice.
Wed, October 15, 2025
Apple Raises Top Bug Bounty to $2M for Zero-Click Exploits
🔒 Apple has expanded its Security Bounty program, doubling the top award to $2,000,000 for exploit chains that achieve goals comparable to sophisticated mercenary spyware. The company says bonuses for Lockdown Mode bypasses and vulnerabilities found in beta software can push payouts past $5 million. New, higher rewards include $100,000 for a complete Gatekeeper bypass, $1,000,000 for broad unauthorized iCloud access, up to $300,000 for one-click WebKit sandbox escapes, and up to $1,000,000 for wireless proximity exploits. Apple is also introducing Target Flags, a mechanism that lets researchers demonstrate exploitability and qualify for accelerated awards processed immediately after verification, even before a fix is released.
Mon, October 13, 2025
Apple Doubles Top Bug Bounty to $2M, Bonuses Possible
🔐 Apple has increased the top award in its Apple Security Bounty program to $2m for exploit chains that emulate sophisticated mercenary spyware. Bonuses for Lockdown Mode bypasses and vulnerabilities found in beta software can more than double that payout, potentially exceeding $5m. Apple also raised many category rewards — including $100,000 for a Gatekeeper bypass and $1m for broad unauthorized iCloud access — and introduced a Target Flags initiative to speed and standardize exploitability demonstrations.
Fri, October 10, 2025
Apple doubles top RCE bounty to $2M amid new MIE security
🔒 Apple has raised its top bounty for iOS zero‑click system‑level remote code execution from $1 million to $2 million, with additional bonuses for Lockdown Mode bypasses and beta‑stage reports that can push awards above $5 million. The change coincides with the rollout of Memory Integrity Enforcement in A19/A19 Pro chips, which leverages Arm's MTE/EMTE to harden memory safety. Apple will also provide 1,000 iPhone 17 devices to civil society members at risk.
Fri, October 10, 2025
Apple Raises Zero-Click Bug Bounty to $2M in Program
🔒 Apple has expanded and redesigned its bug bounty program, doubling the top reward to $2 million for zero-click remote compromise reports and enabling bonus payouts that can push awards above $5 million. The new payout tiers raise rewards across multiple attack categories and add a $1,000 encouragement award for low-impact findings. Apple broadened the wireless-proximity category to include C1/C1X and N1 chips and plans to distribute 1,000 secured iPhone 17 devices in 2026.
Thu, October 9, 2025
How Uber Appears to Know Your Location on iOS Devices
📍 iPhone users have reported receiving airport pickup prompts from Uber even when the app’s location permission is set to Only While Using. The notifications are generated locally by iOS using Apple’s UNLocationNotificationTrigger, which fires preconfigured alerts when a device enters or exits a geofenced area. Uber does not receive location data until you open the app, but the notification’s wording can misleadingly suggest active tracking.
Sat, October 4, 2025
Leaked iPad Pro M5 Benchmark Shows Significant Gains
🔍 An alleged Apple M5 benchmark for an iPad Pro has surfaced on Geekbench, reporting a single-core score of 4,133 and a multi-core score of 15,437 for a variant clocked at about 4.42 GHz. The listing shows 12 GB of RAM, likely paired with 256 GB or 512 GB of storage. Early comparisons place the M5 narrowly ahead in single-thread tests versus Qualcomm's Snapdragon X Elite 2 but behind in multi-core throughput, underscoring Apple's strong per-core design.
Sat, October 4, 2025
Leaked iPad Pro M5 Benchmark Nears Laptop CPU Performance
🔍 A leaked Geekbench entry allegedly from an unreleased iPad shows an Apple M5 chip delivering a 4,133 single‑core score and 15,437 multi‑core score, with the processor reported at 4.42 GHz and paired with 12GB of RAM and likely 256/512GB storage. In early comparisons, Apple's per‑core performance edges out Qualcomm's Snapdragon X Elite 2 in single‑thread tests, while the Snapdragon's higher core count gives it a clear multi‑core lead. The results highlight Apple's continued CPU design strength but should be treated as an unverified leak until independently confirmed.
Thu, October 2, 2025
ThreatsDay Bulletin: Exploits Target Cars, Cloud, Browsers
🔔 From unpatched vehicles to hijacked clouds, this ThreatsDay bulletin outlines active threats and defensive moves across endpoints, cloud, browsers, and vehicles. Observers reported internet-wide scans exploiting PAN-OS GlobalProtect (CVE-2024-3400) and campaigns that use weak MS‑SQL credentials to deploy XiebroC2 for persistent access. New AirBorne CarPlay/iAP2 flaws can chain to take over Apple CarPlay in some cases without user interaction, while attackers quietly poison browser preferences to sideload malicious extensions. On defence, Google announced AI-driven ransomware detection for Drive and Microsoft plans an Edge revocation feature to curb sideloaded threats.
Wed, September 24, 2025
GitHub Pages SEO Poisoning Delivers Atomic Stealer
🚨 Attackers are creating convincing GitHub Pages that impersonate well-known brands to trick macOS users into installing the Atomic infostealer. Using SEO poisoning, malicious repositories are promoted in search results and funnel victims through multiple redirects to pages that instruct users to paste a Terminal curl command. That command decodes a base64 URL and executes a script that fetches and runs the Atomic payload. LastPass published IoCs and requested takedowns, but warns the campaign remains active.
Tue, September 23, 2025
Apple Adds Always-On Memory Integrity Enforcement Feature
🔒 Apple has introduced Memory Integrity Enforcement in the iPhone 17, a hardware-aware, always-on defense against memory-safety exploits used by spyware like Pegasus. Building on Arm’s MTE and its 2022 Enhanced Memory Tagging Extension, Apple’s implementation tags allocations with secrets and verifies them on every access. The company says the protection runs continuously without noticeable performance loss. Apple collaborated with Arm and tuned the chip-level design to make exploitation of memory-corruption bugs significantly harder while preserving compatibility with existing code.
Wed, September 17, 2025
Apple patches ImageIO zero-day, urges users to update
🛡️ Apple has released iOS 16.7.12 and iPadOS 16.7.12 to address a critical zero-day in the ImageIO framework (CVE-2025-43300) that can trigger memory corruption when processing crafted images. The vendor says the flaw is an out-of-bounds write and that it may have been exploited in targeted attacks against specific individuals. The fix improves bounds checking and was back-ported from the 18.6.2 updates to reach older devices. Users, particularly those on older iPhones and iPads, are advised to install the update immediately.
Tue, September 16, 2025
Apple Backports Zero-Day Fixes to Older iPhones and iPads
🔒 Apple has released security updates that backport a patch for CVE-2025-43300 to older iPhone, iPad and iPod touch builds. The flaw is an out-of-bounds write in the Image I/O framework that can cause memory corruption, crashes, or enable remote code execution when a device processes a malicious image file. Apple said the issue was exploited in an extremely sophisticated targeted attack and has added improved bounds checking; affected users should install the updates promptly.
Tue, September 16, 2025
Apple Backports Patch for CVE-2025-43300 Exploited Spyware
🛡️ Apple has backported a fix for CVE-2025-43300, an ImageIO out-of-bounds write that can cause memory corruption and has been observed in an extremely sophisticated, targeted spyware campaign. The flaw (CVSS 8.8) was reportedly chained with a WhatsApp vulnerability (CVE-2025-55177, CVSS 5.4) in attacks against fewer than 200 individuals. Patches were issued for current releases and older OS builds — including iOS 16.7.12 and iOS 15.8.5 device backports — and distributed across macOS, tvOS, visionOS, watchOS, Safari, and Xcode. Users and administrators should install the available updates immediately to ensure protection.
Tue, September 16, 2025
Apple releases September 2025 OS updates with patches
🔒 Apple published iOS 26, iPadOS 26 and macOS 26 updates that patch multiple vulnerabilities but did not report active exploitation. The releases address 27 defects in iOS/iPadOS and 77 in macOS, and also include fixes across Safari, watchOS, visionOS and Xcode. Users who prefer not to upgrade to the year-numbered releases can apply security-only updates — iOS 18.7, iPadOS 18.7 or macOS 15.7 — while many devices from 2019 or earlier are not supported. Trend Micro’s Dustin Childs said he saw no sign of active exploitation in this batch, though macOS fixes for PackageKit and StorageKit are notable because exploitation could yield root privileges.