Security researchers Paradigm Shift have discovered a vulnerability in older iPhone and Apple Watch models which can be used to jailbreak the devices. What makes this vulnerability special is the fact that there is no fix for it – the only way to really be secure is to replace the device with a newer model.
The good news is that exploiting the flaw isn’t that simple. It cannot be done remotely since the attacker needs to have physical access to the device, and needs to hook it up to a Raspberry Pi.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers have breached tank readers at US gas stations
May 15, 2026
US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases ...
- ShinyHunters: Cyber Criminal Group Attacks Learning Management System
May 15, 2026
The Federal Bureau of Investigation (FBI) is providing this Public Service Announcement (PSA) to warn of potential future impacts related to a cyber-attack that affected an online Learning Management System (LMS), resulting in an interruption of service to educational institutions and students across the country. The LMS platform is now fully operational. ShinyHunters (SH) — which ...
- OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
May 15, 2026
OpenAI says attackers behind the TanStack npm supply chain compromise stole internal credentials after reaching two employee devices, forcing the company to rotate signing certificates for several desktop products. The company disclosed this week that it had been caught up in the wider “Mini Shai-Hulud” campaign targeting npm ecosystems and developer infrastructure, though it said there was no ...
- Another major Linux security issue uncovered – new Fragnesia flaw allows attackers to run malicious code as root
May 14, 2026
Security researchers have discovered a new vulnerability in the Linux kernel which could allow malicious actors to run code with elevated privileges, exposing systems to risk of data theft, malware deployment, and even full device takeover. The vulnerability is tracked as CVE-2026-46300, and was given a severity score of 7.8/10 (high). It’s nicknamed Fragnesia and is ...
- Over a million WordPress sites hit in plugin flaw — so patch now or face the consequences
May 14, 2026
A popular WordPress plugin with roughly a million active installations contained two vulnerabilities that could have allowed malicious actors to exfiltrate sensitive data, such as password hashes and other valuable information. Security researchers at Wordfence said they were tipped off by a researcher Rafie Muhammad about the existence of an Arbitrary File Read and an SQL Injection vulnerability in Avada ...
- Ransomware hackers claim breach at Foxconn, a major electronics manufacturer for Apple, Google, and Nvidia
May 13, 2026
Electronics manufacturing giant Foxconn, which makes devices and components for Apple, Google, Nvidia, and Sony, among other tech giants, confirmed on Monday that it was hit by a cyberattack that may have affected some of its factories. In a statement sent to media outlets, Foxconn said that the cyberattack affected facilities in North America and that ...