Security researchers Paradigm Shift have discovered a vulnerability in older iPhone and Apple Watch models which can be used to jailbreak the devices. What makes this vulnerability special is the fact that there is no fix for it – the only way to really be secure is to replace the device with a newer model.
The good news is that exploiting the flaw isn’t that simple. It cannot be done remotely since the attacker needs to have physical access to the device, and needs to hook it up to a Raspberry Pi.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
April 21, 2025
During trend Micro researchers monitoring of the ransomware threat landscape, they discovered samples with infection chain characteristics and payloads that can be attributed to FOG ransomware. A total of nine samples were uploaded to VirusTotal between March 27 and April 2, which the researchers recently discovered were multiple ransomware binaries with .flocked extension and readme.txt notes. ...
- Lumma Stealer – Tracking distribution channels
April 21, 2025
The evolution of Malware-as-a-Service (MaaS) has significantly lowered the barriers to entry for cybercriminals, with information stealers becoming one of the most commercially successful categories in this underground economy. Among these threats, Lumma Stealer has emerged as a particularly sophisticated player since its introduction in 2022 by the threat actor known as Lumma. Initially marketed as ...
- New Rust Botnet “RustoBot” is Routed via Routers
April 21, 2025
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Unlike previous malware targeting these devices, this variant is written in Rust—a programming language introduced by Mozilla in 2010. Due to its Rust-based implementation, we’ve named the malware “RustoBot.” In January and February of 2025, FortiGuard Labs observed a significant increase in alerts related to ...
- Phishing attacks leveraging HTML code inside SVG files
April 21, 2025
With each passing year, phishing attacks feature more and more elaborate techniques designed to trick users and evade security measures. Attackers employ deceptive URL redirection tactics, such as appending malicious website addresses to seemingly safe links, embed links in PDFs, and send HTML attachments that either host the entire phishing site or use JavaScript to ...
- Google Confirms Gmail Warning – 3 Billion Users Must Now Act
April 20, 2025
Google has confirmed another attack on Gmail users that combines inherent vulnerabilities in the platform with devious social engineering. The net result is a flurry of headlines and viral social media posts followed by an urgent platform update. Google’s security warning is clear. Users should stop using their passwords. This latest attack has been bubbling on ...
- FBI Warns of Scammers Impersonating the IC3
April 18, 2025
The Federal Bureau of Investigation (FBI) warns the public about an ongoing fraud scheme where criminal scammers are impersonating FBI Internet Crime Complaint Center (IC3) employees to deceive and defraud individuals. Between December 2023 and February 2025, the FBI received more than 100 reports of IC3 impersonation scams. How It Works Complainants report initial contact from the ...