Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Up to one in five of the most popular mobile VPNs are owned by Chinese companies that do their best to hide the fact.

Malwarebytes
Open in Source
#ios#apple#intel
QR codes sent in attachments are the new favorite for phishers

Phishers are putting QR codes as images in attachments because it helps them bypass email filters.

Location, name, and photos of random kids shown to parents in child tracker mix up

Worried parents tracking their children with T-Mobile SyncUP devices suddenly found that they were looking at the location of random other children. And could not locate their own.

AI Image Site GenNomis Exposed 47GB of Underage Deepfakes

Cybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis.

CVE-2025-25001: Microsoft Edge for iOS Spoofing Vulnerability

**According to the CVSS metrics, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) but have no effect on integrity (I:N) or on availability (A:N). What does that mean for this vulnerability?** An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality) but not all resources within the impacted component may be divulged to the attacker. The attacker cannot make changes to disclosed information (Integrity) or limit access to the resource (Availability).

CVE-2025-29796: Microsoft Edge for iOS Spoofing Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** A user could be tricked into entering credentials or responding to a pop up after opening a specially crafted file or clicking on a link, typically by way of an enticement in an email or URL.

Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities in question are listed below - CVE-2025-24085 (CVSS score: 7.3) - A use-after-free bug in the Core Media component that could permit a malicious application already installed on a device to elevate

Intimate images from kink and LGBTQ+ dating apps left exposed online

A number of specialized dating apps leaked the--not so--secret storage location of 1.5 Million more or less explicit images

Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices

Apple has been hit with a fine of €150 million ($162 million) by France's competition watchdog over the implementation of its App Tracking Transparency (ATT) privacy framework. The Autorité de la concurrence said it's imposing a financial penalty against Apple for abusing its dominant position as a distributor of mobile applications for iOS and iPadOS devices between April 26, 2021 and July 25,

Twitter (X) Hit by Data Leak of 2.8 Billion Users; Allegedly an Insider Job

Massive Twitter (X) data breach exposes details of 2.8 billion users; alleged insider leak surfaces with no official response from the company.