The major tech platform is urging all of their users to update their software immediately following new research.
Apple users warned to update device software
Apple says a critical vulnerability has been detected that enables Israeli spyware company NSO Group to take control over any Apple device, whether that be computer, watch or phone.
It comes as researchers at The Citizen Lab made the discovery on Monday.
“While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage,” researchers said.
“The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.”
The malicious software hacks devices after sending a message through iMessage.
They then start controlling devices through a flaw in Apple’s image processing systems.
An attack on users without warning
But what researchers find most alarming is that devices are hacked without the user knowing as they don’t have to click on a link or download a file to grant the hacker permission to take over.
“The user sees crickets while their iPhone is silently exploited,” Researcher John Scott-Railton says.
“Someone sends you a GIF that isn’t, and then you’re in trouble. That’s it. You don’t see a thing.”
While all users are being urged to update their software, government groups are likely to be a key-target as they use NSO group’s software.
A breach of trust?
The spyware company creates surveillance and hacking software that governments often rent to investigate the computer and smartphone activity of criminals.
Usually, this is done lawfully with NSO saying it can’t be used to target the devices of American citizens.
However, prior research has found this is not always the case, with reports suggesting their Pegasus software has been used against Mexican journalists and Saudi Arabia protestors.
Despite this, NSO reassures its users that it will continue to supply their services to help prevent criminal behaviour online.
“NSO Group will continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime,” an NSO spokesperson said.
No comments are yet to be made on the discovery of Apple’s critical vulnerability.
Here’s what users should do next
Meanwhile, Ivan Krstić, Apple’s head of Security Engineering and Architecture, says he is grateful to Citizen Lab for alerting the company on the exploit.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”
Ivan Krstić said in a statement
For those who are concerned, Citizen Lab researchers urge users to stay alert and to monitor their phone activity.
Additionally, paying attention to software updates and installing them will also help with preventing future bug issues that could lead to devices being hacked.
“[Software updates] will prevent you from being infected with this exploit going forward,” Researcher John Scott-Railton says.
“But what we know is NSO is always trying to find other ways to infect people’s phones, and they may turn to something else.”
OpenAI has taken another giant leap forward with the launch of ChatGPT Atlas — an AI-powered web browser that could redefine how people search, explore, and interact online. Investors and competitors are watching closely as this new technology challenges the dominance of traditional browsers like Google Chrome.
With ChatGPT Atlas, users may soon experience a web that feels less like typing into a search box and more like conversing with an intelligent assistant. The integration of AI could make browsing faster, more intuitive, and more personalised than ever before — but it also raises serious questions about privacy and data use.
As AI becomes more deeply embedded in the digital world, ChatGPT Atlas could represent the next major step toward a fully AI-driven online experience. What does this mean for users — and for the tech giants trying to keep up?
In Short:
– OpenAI partners with Bryan Cranston and unions to combat deepfakes on its Sora app.
– The app now includes options for people to control their likenesses and voices.
OpenAI announced it will work with Bryan Cranston, SAG-AFTRA, and actor unions to combat deepfakes on its AI video app, Sora.Cranston voiced concerns after unauthorized AI-generated clips featuring his likeness emerged after Sora 2’s launch in late September. He showed gratitude to OpenAI for taking steps to safeguard actors’ rights to control their likenesses.
The partnership aims to enhance protections against unauthorized AI content. The Creative Artists Agency and United Talent Agency had previously criticized OpenAI, citing risks to their clients’ intellectual property.
Last week, OpenAI blocked disrespectful videos of Martin Luther King Jr. at the request of his estate, following similar pressures. Zelda Williams also requested the public refrain from sending her AI-generated clips of her late father, Robin Williams.
Policy Changes
Following tensions post-launch, CEO Sam Altman revised Sora’s policy to give rights holders greater control of their likenesses.
The app now allows individuals to opt-out, reflecting OpenAI’s commitment to respond quickly to concerns from performers.
OpenAI backs the NO FAKES Act, supporting legislation that aims to protect individuals from unauthorized AI-generated representations.
OpenAI is focused on ensuring performers’ rights are respected regarding the misuse of their voices and likenesses. Altman reiterated the company’s dedication to these protections.
In Short:
– AWS outage on Monday disrupted major apps like Fortnite, Snapchat, and affected several global companies.
– UK companies including Lloyds Bank and Vodafone reported issues due to the AWS outage.
Amazon’s AWS experienced a significant outage on Monday, impacting major apps including Fortnite and Snapchat. The disruption affected connectivity for numerous companies globally.AWS reported increased error rates and latencies across multiple services and is attempting to recover quickly.
The outage marks the first significant internet disruption since a previous incident last year that impacted essential technology systems globally. AWS offers on-demand computing and storage services and is vital for many websites and platforms.
Multiple companies reported disruptions, including AI startup Perplexity, cryptocurrency exchange Coinbase, and trading app Robinhood. Perplexity’s CEO confirmed on X that the outages were linked to AWS issues.
Amazon’s shopping site, Prime Video, and Alexa services also faced difficulties, according to Downdetector. Other affected platforms included popular gaming applications like Clash Royale and financial services such as Venmo and Chime.
Uber competitor Lyft’s app was reported down for numerous users in the U.S. Messaging platform Signal also acknowledged connection problems stemming from the AWS outage.
British Companies
In the UK, Lloyds Bank, Bank of Scotland, and telecom services provider Vodafone were notably affected. The HMRC’s website also encountered issues during this outage.
Elon Musk stated that his platform, X, remained operational despite the widespread disruptions.