AirPlay security flaws could help hacker…

04.29.2025
Cybersecurity firm Oligo has detailed a set of vulnerabilities its researchers found in Apple’s AirPlay protocol and software development kit that could serve as a point of entry to infect

Cybersecurity firm Oligo has detailed a set of vulnerabilities its researchers found in Apple’s AirPlay protocol and software development kit that could serve as a point of entry to infect other devices on your network, Wired reports.

Oligo’s researchers refer to the vulnerabilities and attacks they enable as “AirBorne.” According to Oligo, two of the bugs it found are “wormable” and could let attackers take over an AirPlay device and spread malware throughout “any local network the infected device connects to.” That said, they would need to already be on the same network as the device to carry out the attack.

Other possible outcomes of an attack include hackers remotely executing code on your devices (also called an RCE attack), accessing local files and sensitive information, and carrying out denial-of-service attacks, Oligo says. It adds that an attacker could also show images on something like a smart speaker’s display — as demonstrated with an AirPlay-enabled Bose speaker in the video below — or tap into the speaker’s microphone to listen to nearby conversations.

Apple has already patched the bugs, but there are still risks via non-Apple-made AirPlay devices. And while there’s a relatively low chance of a hacker being on your home network, Wired points out that AirBorne attacks could also happen if you connect to a public network with an device that uses AirPlay — like a MacBook or an iPhone — that isn’t updated with the latest Apple software.

The risks extend to CarPlay devices, too. Oligo found that attackers “could execute an RCE attack” via CarPlay under certain conditions, like connecting to a car’s Wi-Fi hotspot that’s still using a “default, predictable or known wifi hotspot password.” Once they’re in, hackers could do things like show images on the car’s infotainment system or track the car’s location, according to Oligo.

As Oligo points out, there are tens of millions of third-party AirPlay devices, including things like standalone speakers, home theater systems, TVs. The firm also notes that CarPlay “is widely-used and available in over 800 vehicle models.” According to Wired, Apple created patches for affected third-party devices” as well, but a cybersecurity expert tells the outlet that Apple doesn’t directly control the patching process of third-party devices. 

Apple didn’t immediately respond to The Verge’s request for comment.

original link


You may also be interested in this

Apple, Meta see modest Eu…

04.23.2025
Apple and Meta Platforms face EU fines totaling €700 million ($798 million) for breaching Big Tech antitrust rules under the Digital Markets Act. Apple was fined €500 million ($540 million),

Apple reports record Q1 2…

01.30.2025
Apple has released its earnings report for fiscal Q1 2025. The company reports $124.30 billion in revenue during the three-month period. That compares to $119.58 billion during the same quarter a year

Apple releases macOS 15.3…

03.11.2025
Apple just released a new software update for Mac users: macOS Sequoia 15.3.2. Here’s what you should know. more…

Apple’s iPhone 16e is sig…

03.14.2025
Apple’s new iPhone 16e joins the iPhone 16 family as its most affordable member, featuring breakthrough battery life, the fast performance of the A18 chip, and an integrated high-resolution 48MP

Snapchat finally introduc…

08.27.2024
Snapchat was launched for iOS in 2011, but since then the app has only had iPhone support. iPad users, on the other hand, could only run the iPhone app with

Apple fights $1.8 billion…

01.13.2025
A London tribunal heard on Monday that Apple is accused of abusing its market dominance by imposing an unfair commission of up to 30% on app developers through its App

F-Secure Total for Mac re…

05.09.2023
Macworld At a GlanceExpert's Rating ProsIncludes virus protection, secure browsing, ID monitoring, a VPN, and a password vault in one packageEffective and flexible VPNConsMissing key capabilities such as a quick

Apple shares hit new all-…

12.09.2024
In Nasdaq trading today, shares of Apple Inc. (AAPL) rose $3.91, or 1.61%, to $246.75, a new all-time closing high. Apple’s intraday high was also set today at $247.24. Apple’s

Popular Posts

Click it!

Search

ipinfo.io

user online267
your visit count
your ID
cityColumbus
postal43215
regionOhio
countryUS
timezoneAmerica/New_York
loc39.9612, -82.9988
orgAS16509 Amazon.com, Inc.
hostec2-3-15-203-168.us-east-2.compute.amazonaws.com
OSUnknown Operating System
IP3.15.203.168
languageipinfo.io error
browser ↓
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)

support me with your mouse

findip.net

user online267
your visit count
your ID
cityDublin
continentNA
countryUnited States
system16509
providerAmazon.com, Inc.
Time ZoneAmerica/New_York
Weather CodeUSOH0269
Subdivision NameFranklin
loc40.0992,-83.1141
orgAmazon.com, Inc.
connectionCorporate
OSUnknown Operating System
IP3.15.203.168
connectionCorporate
browser ↓
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)

Recent

X

A whimsical homage to the days in black and white, celebrating the magic of Mac OS. Dress up your blog with retro, chunky-grade pixellated graphics to evoke some serious computer nostalgia. Supports a custom menu, custom header image, custom background, two footer widget areas, and a full-width page template. I updated Stuart Brown's 2011 masterpiece to meet the needs of the times, made it responsive , got dark mode, custom search widget and more.You can download it from tigaman.com, where you can also find more useful code snippets and plugins to get even more out of wordpress.