Do you remember the Apple marketing campaigns, “This is iPhone”? If you are not aware, the company loves to photograph its products as a synonym for privacy. However, the last wave of security weaknesses affecting iPhone and Macs indicates that Apple products may not be safe as announced.
The last security mistake only strengthens this point. Safety researchers have discovered that the compact Manager Password app in Apple, passwords, was subject to hunting attacks for about three months after launch. This means that a striker on the same Wi-Fi network, as at the airport or cafe, can redirect your browser to a hunting site similar to stealing your login data.
A person with an iPhone (Cyberguy “Knutsson)
What you need to know
Security researchers in MuskI noticed that the Apple password application, which was presented using iOS 18 in September 2024, had a major security defect that left users vulnerable to approximately three months.
Use the non -encrypted HTTP connections instead of the safest https to bring slogans and symbols displayed along with stored passwords. This allowed attackers on the same network, such as the public Wi-Fi network in a café or airport, to intercept these requests and to redirect users to the clinic sites designed to steal the credit data. Log in.
The problem remained without a solution from the launch of iOS 18 in September 2024 until Apple repaired it in December 2024, letting users be exposed for about three months. If someone opens the passwords application and takes advantage of a link, such as “Change the Password”, as it is connected to an unsafe network, the attacker can intercept the request and redirect it to a fraudulent site that simulates a legal site, such as the fake login page. Since the application did not impose https, users may not notice the key, which puts their sensitive information.
A woman on iPhone (Cyberguy “Knutsson)
How to protect the iPhone & iPad from malware in 2025
Apple has now fixed the problem
Apple dealt with the problem after informing my Mysk security researchers in September 2024. IOS 18.2 update, which was released in December, corrects the weakness through the HTTPS application for all network connections within the password application, making it difficult for the attackers to intercede or redirect traffic.
If you are using iPhone or iPad with passwords application, make sure to update your device to iOS 18.2 or newer. This ensures that you are protected from this weakness. If you have not yet updated it and used the application on the public Wi-Fi network between September and 2024, think about changing passwords for any accounts you have reached during that period, only to be safe.
How to update the program on your iPhone
Follow the steps to update iPhone or iPad:
- Click on Settings
- Click on general
- Click on Program update
- If the update is available, it will provide you with the option to download and install
Program update (Cyberguy “Knutsson)
Your iPhone has a hidden folder that eats storage space without knowing
6 ways you can stay safe from infiltrators who target your passwords
The last security mistake from Apple with the password application is highlighted the importance of taking steps to protect your digital identity. Here are some ways that you can stay safe from infiltrators who target your passwords.
1) Use a reliable password manager: Apple applications are generally safer than third -party options, but it is clear that the passwords application was not. The fact that the security weakness exists for three months before the Apple repair, it proves that the Apple needs to focus more on maintaining the safe customer data. I suggest choosing a reliable password manager instead of relying on the Apple offer. Get more details about my country The best password managers reviewed by experts in 2025 here.
2) Empowerment of bilateral approval (2FA): It is good to have password managers, but you know what is better? 2FA. Add an additional layer of safety with 2FA You can prevent infiltrators from reaching your accounts, even if you stole your password. Use authentication applications such as Google Authentical, Microsoft Authentical or Hardware Security instead of SMS codes, which are vulnerable to SIM attacks.
3) Avoid the general Wi-Fi network for sensitive activities and the use of VPN: Crossians can exploit the unprecedented public networks to intercept your login approved data. If you have to reach sensitive accounts The general Wi-Fi networkUse VPN to encrypt your internet traffic and prevent attackers from parasitizing your data. VPNS will protect you from those who want to track your potential site and the websites you visit. VPN is reliable necessary to protect your online privacy and ensure a safe and high -speed connection. For the best VPN program, see experts review for the best VPNS to browse your web alone Windows, Mac, Android and iOS devices.
4) Beware of hunting attacks and installing strong antivirus programs: You can get all the protection in the world, but an email for hunting or SMS can still cause chaos. Fake login infiltrators often use your deception to enter your credentials. Always check the URLs before entering the login details, and avoid clicking on suspicious links in emails or messages. The best way to protect yourself from harmful links is to install the antivirus program on all your devices. This protection can also be alerted to relieving emails and fraud on Ransomwari, and maintaining your personal information and digital assets. Get my choices for the best winners to protect antivirus 2025 for Windows, Mac, Android and iOS devices.
5) Keep updating your devices: regularly Update your devices and programs To ensure that you get the latest safety corrections.
6) Monitor all your accounts regularly: Watch your accounts of suspicious activity and report any unusual transactions or entry to Apple.
Apple launches emergency security update for serious weakness
Court Kisa Curt
Three months is a long time for a safety vacancy in the password manager to go to its absence, especially from a company that displays itself as a leader in privacy and safety. This accident highlights a disturbing fact. Apple safety measures do not mean, and even compact system applications can expose users to serious risks. Although the reform has ultimately arrived, this should not take a long time until this basic issue is addressed. If Apple wants to keep its first image, it should work better by ensuring a tougher security test before launch.
Do you think that Apple is doing enough to stay at the top of advanced electronic threats, or is there additional steps that the company should take to protect its users? Let’s know through our writing in Cyberguy.com/contact.
For more technical advice and security alerts, participated in the free newsletter of Cyberguy Report by going to Cyberguy.com/newsledter.
Remove: Harmful programs steal banking cards and passwords from millions of devices.
Ask Kurt a question or tell us about the stories you want to cover.
Follow Court on his social channels:
Answers to the most amazing Cyberguy questions:
New from Court:
Copyright 2025 Cyberguy.com. All rights reserved.
https://static.foxnews.com/foxnews.com/content/uploads/2025/03/1-apple-fixes-critical-passwords-app-vulnerability-enabling-wi-fi-phishing-attacks-intro.jpg
Source link