If you’ve upgraded to iOS 12.1 already, you might want to be careful about where you leave your iPhone. It turns out that a new lock screen flaw lets anyone access your contacts without your passcode. The video below shows you how it’s exploited.
Airmail 3, a popular email client for macOS, ships with big security vulnerabilities that could put users’ personal data at risk.
Researchers uncovered an exploit that allows attackers to steal users’ emails and attachments simply by convincing them to open a message. Here’s how it works.
Apple rolled out its latest iOS 10.3.3 update on Wednesday, and you should install it as quickly as possible if you haven’t already.
This release fixes a serious vulnerability in the Wi-Fi chips used in iPhone, iPad, and iPod touch, which allows an attacker to remotely take control of your device over a wireless network.
Looking for a quick way to become a millionaire? Just try hacking the iPhone.
Software security firm Zerodium revealed today that it has raised the price of its permanent bounty on iOS zero-day exploits, giving hackers a chance to earn up to $1.5 million if their exploit meets all the requirements.
The last version of iOS 9 that was successfully jailbroken was iOS 9.0.2. Now, we’re up to iOS 9.2, and now Apple says iOS 9.3 will be coming soon. So when will the jailbreakers catch up?
Unknown, but it shouldn’t be too far away, with a prominent jailbreak hacker showing off video of an iOS 9.3 jailbreak exploit today.
Apple’s Gatekeeper feature was designed to keep even the most advanced users from accidentally installing malicious software on their computers, but a super-simple exploit lets hackers sneak malware onto your Mac.
The exploit was discovered by Patrick Wardle, director of research at security firm Synack. Wardle found that the exploit is made possible thanks to a key design shortcoming in Gatekeeper that lets an attacker use a binary file already trusted by Apple to execute malicious files.
Here’s how it works:
While millions of iPhone users have eagerly upgraded to iOS 9, a new race is on among researchers to find critical flaws in Apple’s software, and they’re throwing around more cash than ever to get hackers to find the holes.
A new security industry firm called Zerodium announced today that it will pay hackers $1 million for a single exploit that allows attackers to break into an iPhone or iPad running iOS 9. The company says its even willing to pay the bounty multiple times, as long as the exploits break through iOS 9’s security flaws a certain way.
iOS security researchers Jan Souček has discovered a new bug in iOS’s mail client that could trick users into accidentally giving attackers their AppleID and password.
The Mail app exploit was discovered at the beginning of 2015, and Apple’s engineers were quickly notified of its existence, but a fix for the bug hasn’t been released in any of the updates following iOS 8.1.2. According to Souček, the bug allows remote HTML content to be loaded, making it possible to build a password collector that looks just like an iCloud sign-in prompt.
Here’s a video of the bug in action:
A new exploit has been discovered in iOS 7.1.1 that lets anyone access your full contacts list and send an email, text or call — just by chatting with Siri.
Egyptian neurosurgeon and part-time hacker Sherif Hashim, apparently the first to discover the security hole, posted a YouTube video detailing the steps of the exploit.
Check out how easy it is for a prankster to hack your phone in the video below:
Thanks to Apple’s strict software approval process, iOS devices are generally considered some of the most secure. But you might want to be careful about where you plug them in for charging. Researchers at the Georgia Institute of Technology have developed a modified charger capable of installing malware onto any device running Apple’s latest iOS operating system.
Shortly after the evasi0n jailbreak made its much-anticipated debut earlier this week, Apple pushed out its iOS 6.1.1 beta to registered developers. We suspected that the new release would patch the exploits that evasi0n used to hack iOS devices, but fortunately for the many millions of people enjoying its benefits, that’s not the case. At least not yet.
Now that Apple is fixing the in-app purchasing exploit that Russian hacker Alexei Borodin brought to light this week, it seems as if he’s at it again. This time, however, it’s an in-app purchasing hack that works in the Mac App Store.
The method here is similar as the one Borodin used in iOS, with the user installing some fake security certificates and then pointing the Mac’s DNS servers at a false server run by Borodin. The remote server then pretends to be the actual Mac Store and verifies the purchase, bypassing the real system for in-app purchases set up by Apple and use by developers of Mac apps. Borodin claims that this system has allowed approximately 8.4 million free purchases so far.
rather foolishly updated to iOS 5.1 shortly after its release earlier this year are still waiting for an exploit that will allow them to reclaim root access to their device. But according to iOS hacker Pod2g, that exploit could only be another month (or two) away.
Just hours after its release on March 16, Apple’s new iPad was jailbroken by the iPhone Dev-Team. Their announcement gave us hope that an exploit for A5 and A5X devices running iOS 5.1 would be available within weeks, but it now seems like we’ll be waiting a whole lot longer than that.
Pod2g and his “Dream Team” of fellow iOS hackers seem to be making some pretty decent progress on their much-anticipated A5 jailbreak, promising in their latest blog post that the exploit’s public release is now just “a matter of days” away.
Back in November, iOS hacker Pod2g announced in a message on Twitter that he had discovered a bug in the iOS 5 software that could provide an untethered jailbreak. To backup his claims, Pod2g has posted a video to YouTube that demonstrates the hack in action, but he’s yet to provide any indication as to when the jailbreak might go public.
When Apple seeded its first iOS 5 beta to registered developers back in June, it was discovered the company’s next-generation mobile platform eliminated untethered jailbreaking and meant that hackers must connect their device to their computer every time they wanted to boot it up if they hoped to maintain their jailbreak.
Since then, however, reports surrounding an untethered jailbreak for iOS 5 have surfaced. The latest glimmer of hope comes from the Chronic Dev Team member Pod2g, who claims to have discovered a bug in the latest iOS 5 software that could lead to an untethered jailbreak.
Undoubtedly the most simple jailbreak solution to ever be available for the iPhone is the JailbreakMe online exploit from Comex. Apple quickly patched this hack shortly after its release, but Comex has updated the JailbreakMe page with a teaser its upcoming relaunch… reminding people that this was a jailbreak a LONG time in the making.
Apple released iOS 4.3.3 on Tuesday to address the infamous location tracking issues with the iPhone. To our surprise, however, the update to does prevent the latest untethered jailbreak solution, leaving 4.3.3 still vulnerable to the hack.
Dev-Team member C0mex posted a message on Twitter yesterday that confirmed the exploit was still successful. While we don’t recommend you try jailbreaking the latest iOS release with Redsn0w or PwnageTool, it’s only a matter of time before both tools are updated.
In its fight against the jailbreak community, Apple usually fixes the vulnerabilities that make the latest jailbreaks possible, forcing hackers to find another exploit. The fact that it hasn’t with the latest iOS release is evidence that Apple rushed to get the 4.3.3 software out and quickly quash the location tracking bugs, putting an end to the whole ‘Locationgate’ saga.
We’ll keep you updated on the iOS 4.3.3 jailbreak as it progresses.