Collaborate Disseminate
Apple has backported the patch for CVE-2024-23296 to the iOS 16 branch and has fixed a bug (CVE-2024-27852) in MarketplaceKit that may allow maliciously crafted webpages to distribute a script that tracks iOS users on other webpages. The company has al… Continue reading Apple backports iOS zero-day patch, adds Bluetooth tracker alert
On Wednesday, Apple released security updates for all supported branches of iOS and iPadOS, macOS, tvOS, watchOS and Safari. This time around, the updates did not garner as much attention as when they deliver a zero-day fix, though it has to be mention… Continue reading Apple news: iLeakage attack, MAC address leakage bug
It was to be expected: As the buzz around Meta’s new microblogging platform Threads gained momentum, some individuals have stepped in to take advantage of the fact that the app still can’t formally serve users in the European Union (or Chin… Continue reading Meta’s Threads app used as a lure
Google has updated Google Authenticator, its mobile authenticator app for delivering time-based one-time authentication codes, and now allows users to sync (effectively: back up) their codes to their Google account. A long-awaited option Before this up… Continue reading Google Authenticator updated, finally allows syncing of 2FA codes
Popular chat apps, including LINE, Slack, Twitter DMs and others, can also leak location data and share private info with third-party servers. Continue reading LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes
App will stop reading users’ device cut-and-paste data after a new banner alert in an Apple update uncovered the activity. Continue reading TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior
A developer has discovered that malicious apps could exploit the pasteboard to work out a user’s location. Continue reading Apple’s iOS pasteboard leaks location data to spy apps