Security researchers Paradigm Shift have discovered a vulnerability in older iPhone and Apple Watch models which can be used to jailbreak the devices. What makes this vulnerability special is the fact that there is no fix for it – the only way to really be secure is to replace the device with a newer model.
The good news is that exploiting the flaw isn’t that simple. It cannot be done remotely since the attacker needs to have physical access to the device, and needs to hook it up to a Raspberry Pi.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Beyond the Battlefield: Threats to the Defense Industrial Base
February 10, 2026
In modern warfare, the front lines are no longer confined to the battlefield; they extend directly into the servers and supply chains of the industry that safeguards the nation. Today, the defense sector faces a relentless barrage of cyber operations conducted by state-sponsored actors and criminal groups alike. In recent years, Google Threat Intelligence Group (GTIG) ...
- A Peek Into Muddled Libra’s Operational Playbook
February 10, 2026
During a September 2025 incident response investigation, Unit 42 discovered a rogue virtual machine (VM) which they believe with high confidence to be used by the cybercrime group Muddled Libra (aka Scattered Spider, UNC3944). The contents of this rogue VM and activity from the attack provide valuable insight into the operational playbook of this threat actor. ...
- SolarWinds Web Help Desk Exploitation – February 2026
February 10, 2026
Multiple intrusions have been publicly reported starting on February 6, 2026 stemming from Internet-connected servers utilizing SolarWinds Web Help Desk software. This exploitation activity reportedly first occurred in December 2025. Given the number of recent CVEs affecting this product, it’s not yet clear which of several CVEs is directly responsible for these campaigns. Below are ...
- UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering
February 9, 2026
North Korean threat actors continue to evolve their tradecraft to target the cryptocurrency and decentralized finance (DeFi) verticals. Mandiant recently investigated an intrusion targeting a FinTech entity within this sector, attributed to UNC1069, a financially motivated threat actor active since at least 2018. This investigation revealed a tailored intrusion resulting in the deployment of seven unique ...
- Malaysia: Nacsa investigating alleged cyber-espionage targeting multiple government bodies
February 7, 2026
The National Cyber Security Agency (Nacsa) is currently investigating alleged incidents of cyber-espionage activity targeting various Malaysian government entities. In a statement to StarLifestyle, a Nacsa spokesperson said the agency is aware of a report published by Unit 42, the threat research unit of US-based cybersecurity firm Palo Alto Networks. The Nacsa spokesperson said the agency ...
- Approaching cyclone: Vortex Werewolf attacks Russia
February 6, 2026
In December 2025 and January 2026, BI.ZONE Threat Intelligence detected malicious activity by a new cluster Vortex Werewolf (SkyCloak). The attacks targeted Russian government and defense organizations. BI.ZONE researchers findings indicate that the adversary used phishing emails to deliver malware to the target systems. Victims received messages containing a download link disguised as a Telegram file‑sharing ...