Critical flaw leaves all Apple devices open to password thieves


Update your devices today to be safe.
Photo: Faris Algosaibi/Flickr CC

If you haven’t already installed Apple’s latest round of software updates, go do it now.

A flaw in earlier versions of iOS, OS X, tvOS and watchOS makes it possible for hackers to remotely steal saved passwords from your Apple devices without your knowledge.

Facebook coughs up $10,000 for 10-year-old Instagram hacker

It pays to uncover Facebook flaws.
Photo: Killian Bell/Cult of Mac

A 10-year-old with insane hacking skills just scored a $10,000 payout from Facebook for uncovering a serious flaw in Instagram.

The Helsinki-based boy, who can’t even open a Facebook account for another three years, found he was able to alter code on Instagram’s servers to delete comments posted by any account.

In-app purchases flaw exposes developers to costly hacks


With 2 million apps, the App Store is almost too big.
With 2 million apps, the App Store is almost too big.
Photo: PhotoAtelier/Flickr

Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.