Remember Apple’s “privacy. It’s an iPhone” marketing campaign? If you are not aware, the company likes to portray its products as synonymous with privacy. However, the recent wave of security vulnerabilities affecting the iPhone and Macs suggest that Apple products may not be as safe as advertising.
A recent security error only enhances this point. Security researchers have found that Apple’s Password Management Application, passwords, vulnerable to phishing attacks almost three months after starting. This meant that the attacker on the same Wi-Fi network as you, as at the airport or cafe, could divert your browser to the web site for theft of fishing to stole your login credentials.
The person holding an iPhone (Kurt “Cyberguy” Knutsson)
What you need to know
Safety researchers at MyskThey noticed that the Apple’s password app, presented with the iOS 18 in September 2024, had a significant security flaw that made users leave vulnerable on phishing attacks for almost three months.
The application used non -hated HTTP connections instead of safer https to retrieve the logo and icons shown with stored passwords. This enabled the attackers on the same network, such as the public Wi-Fi at a cafe or airport, intercept these requirements and potentially diverts of users on the Phishing Web site intended for the theft of the application credentials.
The question remained unresolved of launching iOS 18 in September 2024. While Apple improved it in December 2024, leaving the users exposed to almost three months. If someone opened a password application and collected a connection, such as “Change the password”, while connected to an insecure network, the attacker could intercept the request and divert them to a fake place by mimicking the legitimate, like a false application page to Yelp. Since the application did not spend HTTPS, users may not notice a switch, which brings their sensitive data to danger.
Woman on her iPhone (Kurt “Cyberguy” Knutsson)
How to Protect iPhone & iPad from Malicious Software 2025.
Apple has now solved the problem
Apple solved the problem after being reported by Mysk security researchers in September 2024. Update iOS 18.2, published in December, patching vulnerability by conducting HTTPS for all network communications within the password application, which is much harder for attackers to intercept or redirect traffic.
If you use an iPhone or iPad with a password app, make sure your device is updated to iOS 18.2 or newer. This ensures that you are protected from this vulnerability. If you have not yet updated and used the application on a public Wi-Fi between September and December 2024, consider changing passwords for any accounts that you have accessed during that period, just to be sure.
How to update software on your iPhone
Follow steps to update iPhone or iPad:
- Touch Settings
- Touch General
- Touch Software update
- If the update is available, it will give you the ability to download and install
Software update (Kurt “Cyberguy” Knutsson)
Your iPhone has a hidden folder that eats storage space without you know neither do you know
6 ways you can stay safe from hackers targeting your passwords
Apple’s recent safety error with a password application emphasizes the importance of taking steps to protect your digital identity. Here are some ways you can stay safe from the hackers targeting your passwords.
1) Use a reliable password manager: Apple Apps are generally safer than third -party options, but the password application is obviously not. The fact that safety vulnerability existed three months before Apple fixed, proves that Apple should put greater emphasis on guarding customers data. I suggest you decide on a reliable password manager instead of relying on Apple’s offer. Get more details about my Best reviewed password managers from 2025. Here.
2) Enable a dual -factor authentication (2FA): It’s good to have a password manager, but you know what’s better? 2fa. Adding an additional safety layer with 2FA They can prevent hackers from approaching your accounts, even if they steal your password. Use authentication apps such as Google Authenticator, Microsoft Authenticator or Hardware Security Keys instead of SMS codes, which are sensitive to SIM-SWAPING attacks.
3) Avoid public Wi-Fi for sensitive activities and use VPN: Hackers can use unprotected public networks to intercept your login credentials. If you have to access sensitive accounts on Public Wi-FiUse VPN to encrypt your internet traffic and prevent attackers from sniffing according to your data. VPN will protect you from those who want to follow and identify your potential location and websites you visit. Reliable VPN is crucial to protect your internet privacy and ensuring safe, high speeds. For Best VPN Software, See My Expert for Reviewing the Best VPN -OV for private internet review on your Windows, Mac, Android and iOS devices.
4) Watch out to phishing attacks and install strong antivirus software: You can have all the protection in the world, but E -stio or SMS theft of identity can still cause desolation. Hackers often use fake sign -in pages to deceive you to enter your credentials. Always check the URL before entering the login details, avoid by clicking on suspicious UE -mail or messages. The best way to protect yourself from malicious bonds is to install antivirus software on all your devices. This protection can also alert you of phishing e -Mail and fraud from Ransomware, keeping your personal information and digital assets. Get my elections for the best winners to protect against antivirus 2025 for your Windows, Mac, Android and iOS devices.
5) Notify your devices: Regularly Update your devices and software To ensure you have the latest security patches.
6) Regularly monitor all your accounts: Follow your accounts for suspicious activity and report all unusual transactions or attempts to apply to Apple.
Apple publishes an emergency security update due to serious vulnerability
Kurt’s key step
It has been a long time for a long time for a safety disadvantage at the password manager to become separated, especially from a company that presents itself as a privacy leader. This incident emphasizes a worrying reality. Apple security measures are not unmistakable, or even built -in system applications can expose users to serious risks. Although the repair eventually arrived, it did not take long to get rid of such a fundamental question. If Apple wants to maintain his first privacy picture, it must do better by ensuring more rigorous security test before starting.
Do you think Apple makes enough to stay ahead of the evolution of cyber threats or are there any additional steps that the company should take to protect its users? Let us know by writing us on Cyberguy.com/contact.
For more of my technological tips and security warnings, subscribe to my free newsletter about Cyberguy Report, moving toward Cyberguy.com/newslettter.
Warning: Malicious software steals bank cards and passwords with millions of devices.
Ask the Kurt question or let us know which stories would you like to cover.
Follow Kurt on his social channels:
Answer to the most demanding questions about Cyberguy:
New from Kurt:
Copyright 2025 Cyberguy.com. All rights reserved.
