Urgent warning to iPhone users: Turn off popular feature and take these steps for safety
Researchers at cybersecurity firm Oligo found major security flaws in Apple AirPlay that allow hackers to hijack compatible devices on the same Wi-Fi network.
AirPlay allows users to seamlessly stream audio, video or photos from their Apple device to another Apple device or third-party gadgets that integrate the protocol.
The 23 vulnerabilities, dubbed 'AirBorne,' were found both in Apple's AirPlay protocol and the AirPlay Software Development Kit (SDK) used by third-party vendors to make devices AirPlay compatible, Wired reported.
Researchers demonstrated in a video how vulnerabilities can be exposed to hackers by accessing an AirPlay-enabled Bose speaker on the same network and remotely executing a Remote Code Execution (RCE) attack, showing the 'AirBorne' logo on the speaker's display.
They claimed that hackers realistically can use a similar strategy to gain access to devices with microphones for espionage.
Oligo CTO Gal Elbaz told Wired that the total number of exposed devices could potentially be in the millions.
'Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch — or they will never be patched,' Elbaz explained. 'And it's all because of vulnerabilities in one piece of software that affects everything.'
The risks were reported to Apple in the late fall and winter of last year, and Oligo worked with the tech giant for months on fixes before publishing their findings Tuesday.
Apple devices with iOS 18.4, iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4 and visionOS 2.4 had fixes rolled out on March 31.
However, third-party devices that support AirPlay protocol remain vulnerable. The researchers said that manufacturers would need to roll out updates for users to install themselves in order to avoid being exposed to hackers.
Apple told Wired that it created patches available for these third-party devices, but it emphasized that there are 'limitations' to the attacks that would be possible on AirPlay-enabled devices due to the bugs.
CarPlay-equipped systems are also at risk, the researchers noted, since hackers can carry out an RCE attack if they are near the unit and 'the device has a default, predictable, or known Wi-Fi hotspot password.'
According to the report, there are several ways to help protect your device from the threat of hackers:
Update your devices: Researchers stressed that devices and other machines that support AirPlay need to be updated immediately to the latest software versions to mitigate potential security risks.
Disable AirPlay Receiver: Oligo recommends fully disabling the AirPlay feature when not in use.
Only AirPlay to trusted devices: Limit AirPlay communication and stream content to only trusted devices.
Restrict AirPlay Settings: Go to Settings > AirPlay & Continuity (or AirPlay & Handoff) and select Current User for the 'Allow AirPlay for' option. 'While this does not prevent all of the issues mentioned in the report, it does reduce the protocol's attack surface,' researchers noted.
Disable on public Wi-Fi: It's best to avoid enabling or using AirPlay when on a public Wi-Fi network.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Hill
22 minutes ago
- The Hill
Apple faces steep tariffs
{beacon} Technology Technology The Big Story Apple anticipates $1.1B price tag from tariffs next quarter Apple expects to face $1.1 billion in tariff-related costs next quarter on top of $800 million from the prior three months. © Alberto Pezzali, Associated Press The iPhone-maker, which has been hit particularly hard by President Trump's tariff push, still reported strong quarterly earnings, posting $94 billion in revenue and $23.4 billion in net income for the stretch between April and June. Apple sold $44.5 billion worth of iPhones last quarter, up 13 percent from the same three-month period last year, at least part of which the company attributed to consumers trying to get ahead of tariffs. 'We would estimate the pull-forward of demand into April specifically to be about one point of the 10 points in terms of people buying because of discussions about tariffs,' Apple CEO Tim Cook said Thursday, referencing the 10 percent uptick in sales last quarter. The company has found itself in a tricky position on tariffs in Trump's second term. It has long manufactured most of its products in China but has increasingly sought to diversify its supply chain by moving some production to India and Vietnam. This has been less than beneficial given the president's wide-ranging approach to tariffs this time around. Trump initially hit all three countries with hefty 'reciprocal' tariffs before putting most on pause. Tariffs on Chinese goods remained in place, as Washington and Beijing went tit for tat on import taxes, raising levies on one another to 145 percent and 125 percent, respectively. The two sides eventually struck an agreement to lower their tariffs to 30 percent and 10 percent, a truce they agreed to extend Tuesday for an additional 90 days. In the meantime, Apple has shifted more production to India, prompting the country to overtake China as the leading exporter of smartphones to the U.S. last quarter. Check out the full report at Welcome to The Hill's Technology newsletter, I'm Julia Shapero — tracking the latest moves from Capitol Hill to Silicon Valley. Did someone forward you this newsletter? Subscribe here. Essential Reads How policy will be impacting the tech sector now and in the future: Tesla found partly liable for fatal autopilot crash A federal jury on Friday found Elon Musk's Tesla partially liable for a fatal 2019 crash involving the electric vehicle maker's autopilot system. The Miami jury determined Tesla was 33 percent responsible for the crash and ordered the company to pay several million dollars in damages. The family of Naibel Benavides sued the EV maker over the crash that resulted in the 22-year-old's death, alleging the company's … Full Story Senate Democrats call for probe into DOJ settlement over HPE-Juniper merger Several Senate Democrats are calling for an investigation into the Department of Justice's (DOJ) decision to settle a lawsuit blocking Hewlett Packard Enterprise's (HPE) $14 billion acquisition of Juniper Networks. Democratic Sens. Richard Blumenthal (Conn.), Cory Booker (N.J.), Elizabeth Warren (Mass.) and Amy Klobuchar (Minn.) raised concerns to the DOJ inspector general Friday about the circumstances surrounding the … Full Story Astronauts launch to the space station after sidelined by Boeing's troubled Starliner CAPE CANAVERAL, Fla. (AP) — Astronauts sidelined for the past year by Boeing's Starliner trouble blasted off to the International Space Station on Friday, getting a lift from SpaceX. Full Story The Refresh News we've flagged from the intersection of tech and other topics: Palantir gets $10 billion contract from U.S. Army (Washington Post) OpenAI raises $8.3 billion in latest funding round (New York Times) Crypto Corner SEC launches Project Crypto © AP Photo/Andrew Harnik Securities and Exchange Commission (SEC) Chair Paul Atkins is launching a new initiative to update securities rules and regulations to "enable America's financial markets to move on-chain." Atkins announced his plans for Project Crypto on Thursday, directing agency staff to develop proposals for implementing recommendations from the Trump administration's recent crypto report. The 166-page report from the president's digital assets working group offered detailed guidance to Congress and federal regulators on everything from crypto oversight to taxation to banking rules. It notably urged both the SEC and the Commodity Futures Trading Commission (CFTC) to 'use their existing authorities to immediately enable the trading of digital assets at the federal level.' Atkins said Thursday he is directing SEC staff to draft rules on crypto asset distributions, custody and trading, in addition to considering authorities to "make sure that archaic rules and regulations do not smother innovation and entrepreneurship in America." For instance, the SEC chair said he has tasked his staff with developing guidelines to determine when a crypto asset is a security or subject to an investment contract (which also falls under the agency's purview). He also called for fit-for-purpose disclosures, exemptions and safe harbors for crypto transactions that are covered by securities laws. Crypto Corner is a daily feature focused on digital currency and its outlook in Washington. In Other News Branch out with other reads on The Hill: Google loses appeal in antitrust battle with Fortnite maker SAN FRANCISCO (AP) — A federal appeals court has upheld a jury verdict condemning Google's Android app store as an illegal monopoly, clearing the way for a federal judge to enforce a potentially disruptive shakeup that's designed to give consumers more choices. Full Story You're all caught up. See you next week!
Yahoo
an hour ago
- Yahoo
Apple CEO Tells Staff AI Is ‘Ours to Grab' in Hourlong Pep Talk
(Bloomberg) -- Apple Inc. Chief Executive Officer Tim Cook, holding a rare all-hands meeting following earnings results, rallied employees around the company's artificial intelligence prospects and an 'amazing' pipeline of products. The World's Data Center Capital Has Residents Surrounded An Abandoned Art-Deco Landmark in Buffalo Awaits Revival We Should All Be Biking Along the Beach Budapest's Most Historic Site Gets a Controversial Rebuild San Francisco in Talks With Vanderbilt for Downtown Campus The executive gathered staff at Apple's on-campus auditorium Friday in Cupertino, California, telling them that the AI revolution is 'as big or bigger' as the internet, smartphones, cloud computing and apps. 'Apple must do this. Apple will do this. This is sort of ours to grab,' Cook told employees, according to people aware of the meeting. 'We will make the investment to do it.' The iPhone maker has been late to AI, debuting Apple Intelligence months after OpenAI, Alphabet Inc.'s Google, Microsoft Corp. and others flooded the market with products like ChatGPT. And when Apple finally released its AI tools, they fell flat. But Cook struck an optimistic tone, noting that Apple is typically late to promising new technologies. 'We've rarely been first,' the executive told staffers. 'There was a PC before the Mac; there was a smartphone before the iPhone; there were many tablets before the iPad; there was an MP3 player before iPod.' But Apple invented the 'modern' versions of those product categories, he said. 'This is how I feel about AI.' An Apple spokesperson declined to comment on the gathering. The hourlong meeting addressed a range of topics, including the retirement of operating chief Jeff Williams, increasing Apple TV+ viewership and advances in health care with features like the AirPods Pro hearing-aid technology. It also touched on donations and community service by Apple employees, the company's goal to become carbon neutral by 2030, and the impact of regulations. 'The reality is that Big Tech is under a lot of scrutiny around the world,' Cook said. 'We need to continue to push on the intention of the regulation and get them to offer that up, instead of these things that destroy the user experience and user privacy and security.' Cook often holds town hall-style chats when visiting Apple's offices around the world, but companywide meetings from the Steve Jobs Theater at headquarters are unusual. The remarks followed a blockbuster earnings report, with sales growing nearly 10% during the June quarter. That beat Wall Street expectations and eased concerns about iPhone demand and a slowdown in China. Apple still faces myriad challenges, including Trump administration tariffs and a regulatory crackdown on its business practices. The company said Thursday that tariffs would bring a $1.1 billion headwind this quarter, though Apple was upbeat about sales growth. It also said that App Store revenue rose by a percentage in the double digits last quarter, despite efforts in the EU and elsewhere to further restrict that business. Echoing comments he made during the earnings conference call, Cook told employees the company is investing in AI in a 'big way.' He said 12,000 workers were hired in the last year, with 40% of the new hires joining in research and development roles. Apple's chip development efforts, led by executive Johny Srouji, are key to the company's AI strategy, Cook said. Apple is working on a more powerful cloud-computing chip — code-named Baltra — to power artificial intelligence features, Bloomberg News has reported. It's also setting up a new AI server manufacturing facility in Houston. The meeting included Craig Federighi, senior vice president of software engineering, who discussed the future of Apple's Siri voice assistant. The company had planned to roll out a Siri overhaul as part of Apple Intelligence earlier this year, adding the ability to tap into user data to better fulfill requests. It was delayed, spurring management changes for the company's AI work. Federighi explained that the problem was caused by trying to roll out a version of Siri that merged two different systems: one for handling current commands — like setting timers — and another based on large language models, the software behind generative AI. 'We initially wanted to do a hybrid architecture, but we realized that approach wasn't going to get us to Apple quality,' Federighi said. Now, Apple is working on a version of Siri that moves to an entirely new architecture for all of its capabilities. That iteration is slated for as early as spring, Bloomberg News has reported, though Apple executives haven't confirmed a timeline other than a release next year. 'The work we've done on this end-to-end revamp of Siri has given us the results we needed,' the engineering executive told employees. 'This has put us in a position to not just deliver what we announced, but to deliver a much bigger upgrade than we envisioned. There is no project people are taking more seriously.' Federighi cited leadership changes, including putting Vision Pro creator Mike Rockwell and his headset software leadership team in charge of Siri, as a driving force in improving the product. He said Rockwell and his group have 'supercharged' the company's work in the area. In his speech, Cook also pushed employees to move more quickly to weave AI into their work and future products. 'All of us are using AI in a significant way already, and we must use it as a company as well,' Cook said. 'To not do so would be to be left behind, and we can't do that.' Employees should push to deploy AI tools faster, and urge their managers and service and support teams to do the same, he said. Cook also addressed the company's retail strategy, stressing that the current plan is to focus on opening new stores in emerging markets and upping the investment in Apple's online store. The iPhone maker is opening outlets in India, the United Arab Emirates and China this year, and is preparing to add its first location in Saudi Arabia next year. 'We need to be in more countries, and you'll see us go into more emerging markets in particular,' Cook said. That doesn't mean Apple will ignore other places, he said, but a 'disproportionate amount of growth' will be in new areas. The CEO also shared his enthusiasm about upcoming products, though he didn't get specific. 'I have never felt so much excitement and so much energy before as right now,' he said. Bloomberg News has previously reported that Apple plans to launch its first foldable iPhone next year and is also working on a stream of smart home devices. New headset products, smart glasses, a push into robotics and a redesigned iPhone for the two-decade anniversary are also underway. 'The product pipeline, which I can't talk about: It's amazing, guys. It's amazing,' Cook said. 'Some of it you'll see soon, some of it will come later, but there's a lot to see.' How Podcast-Obsessed Tech Investors Made a New Media Industry Russia Builds a New Web Around Kremlin's Handpicked Super App Everyone Loves to Hate Wind Power. Scotland Found a Way to Make It Pay Off It's Not Just Tokyo and Kyoto: Tourists Descend on Rural Japan Cage-Free Eggs Are Booming in the US, Despite Cost and Trump's Efforts ©2025 Bloomberg L.P.
Tom's Guide
an hour ago
- Tom's Guide
Not a typo! Score an iPhone 16 Pro for free at this carrier
Need a reliable smartphone for the forthcoming school season? T-Mobile is offering one of our favorite phones for free ahead of the upcoming semester. For a limited time, you can get the iPhone 16 Pro for free at T-Mobile with trade-in and an eligible unlimited data plan. It's one of the best back to school deals I've seen. Trade in an eligible device in any condition, and T-Mobile will give you a credit of up to $1,000 that you can apply to an iPhone 16 Pro. You'll need to sign up for T-Mobile's $100/month Experience Beyond plan to qualify as well, though if you opt for the $85/month Experience More plan, you can still get up to $830 in credit. T-Mobile will also pay off your phone up to $800 with your current carrier. This is a great way to get one of Apple's best iPhones at a low-to-no cost. In addition to the savings, the reason I recommend the iPhone 16 Pro is because it gains the best part about the iPhone 16 Pro Max — its 12MP telephoto camera with 5x optical zoom. Last year's model topped out with a 3x optical zoom camera, so having the same 5x optical zoom reach as the more expensive iPhone 16 Pro Max makes it the iPhone to own. I also prefer it because of its more compact size. On top of all of this, we've put the iPhone 16 Pro (and 16 Pro Max) through several photo shootouts against its main rivals to determine if it's really the best camera phone out there. And since it shares the same camera setup as the iPhone 16 Pro Max, we've used its cameras for astrophotography to capture star clusters, galaxies, and nebulas in the night sky. We also love how blazing fast it is for just about everything, including playing games. But the biggest treat about this year's model is the arrival of Apple Intelligence, which brings Apple's flagship into a whole new era with the help of AI features.
