A critical security vulnerability affecting Apple’s iOS and macOS has recently been reported and subsequently patched. This flaw allowed potential exploitation of the Transparency, Consent, and Control (TCC) framework, posing a significant risk of unauthorized access to sensitive user data. Designated as CVE-2024-44131 with a CVSS score of 5.3, the…
Apple has recently announced a significant increase in its bug bounty program, elevating the maximum payout to $2 million for specific software exploit chains that could be exploited by spyware. This announcement was made by Ivan Krstić, Apple’s vice president of security engineering and architecture, during the Hexacon offensive security…
Recent research has unveiled that North Korean scammers are attempting to deceive U.S. companies into hiring them for architectural design roles, utilizing fabricated profiles, resumes, and Social Security numbers to masquerade as legitimate professionals. This scheme aligns with long-standing efforts by the hermit kingdom to misappropriate billions from organizations worldwide,…
Apple has significantly escalated its bug bounty program, now offering a maximum payout of $2 million for software exploits that could facilitate spyware attacks. This announcement was made by Ivan Krstić, Apple’s vice president of security engineering and architecture, during the Hexacon offensive security conference held in Paris. The new…
Apple’s Removal of ICE Monitoring Apps Raises Concerns Over Free Speech and Digital Control In a significant move, Apple has removed several monitoring and documentation apps related to Immigration and Customs Enforcement (ICE) from its App Store, drawing widespread attention and debate among legal experts and digital rights advocates. These…
Microsoft has disclosed a recently patched security vulnerability within Apple’s macOS. This flaw, which was successfully addressed in a recent update, potentially allowed attackers to exploit a weakness in the operating system’s System Integrity Protection (SIP). If leveraged effectively, an attacker operating with “root” privileges could bypass SIP and inject…
In a recent security announcement, Apple has disclosed the availability of critical software updates designed to rectify multiple security vulnerabilities, including a zero-day flaw that has reportedly been exploited in live attacks. This vulnerability, identified as CVE-2025-24085 with a CVSS score of 7.3, manifests as a use-after-free bug within the…
Encryption & Key Management, Geo Focus: The United Kingdom, Geo-Specific U.K. Home Office Issues New Request for Apple Backdoor Access Akshaya Asokan (asokan_akshaya) • October 3, 2025 The Apple logo on a storefront in London (Image: Shutterstock) The U.K. Home Office has reportedly renewed its request to Apple, seeking backdoor…
A recent analysis from a team at Georgia Institute of Technology and Ruhr University Bochum has unveiled two significant side-channel attacks specifically targeting Apple silicon chips, notably affecting popular web browsers such as Safari and Google Chrome. The attacks have been aptly codenamed Data Speculation Attacks via Load Address Prediction…
