⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More

Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren't. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something's wrong. This week's stories aren't just about what was attacked—but how...

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3....

Unspecified Vulnerability in Apple iOS and Apple iPadOS Messages Component

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple iPadOS is an operating system for iPad tablets. messages is one of the components of the application used to send text, photos, and videos. A security vulnerability exis...

Unspecified Vulnerability in Messages Component of Multiple Apple Products

Apple iOS and others are products of Apple Inc.Apple iOS is a set of operating systems developed for mobile devices.Apple watchOS is a set of operating systems for smartwatches.Apple iPadOS is a set of operating systems for iPad tablets.Messages is one of the application components used to send...

CVE-2020-3844

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1. Users removed from an iMessage conversation may still be able to alter state...

Apple Messages HandwritingProvider Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Messages. User interaction is required to exploit this vulnerability in that the target must open the Messages application. The specific flaw exists within the HandwritingProvider modul...

Apple iOS Messages Component Input Validation Error Vulnerability

Apple iOS is an operating system for mobile devices developed by Apple Inc. Messages is an application component for sending text, photos and videos. An input validation error vulnerability exists in the Messages component in Apple iOS versions prior to 12.3. An attacker could exploit this...

New iPhone Bug Gives Anyone Access to Your Private Photos

A security enthusiast who discovered a passcode bypass vulnerability in Apple's iOS 12 late last month has now dropped another passcode bypass bug that works on the latest iOS 12.0.1 that was released last week. Jose Rodriguez, a Spanish amateur security researcher, discovered a bug in iOS 12 in...

CVE-2018-4240

An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2018-12254)

Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is a suite of operating systems for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; and watchOS is a smart watch operating system.Messag...