Thursday, 1 May 2025
26.7 C
Singapore
30 C
Thailand
21 C
Indonesia
28.6 C
Philippines

AirPlay flaws could let hackers spread malware through your network

AirPlay bugs could let hackers attack your devices and spread malware on your network. Update your Apple gear now to stay safe.

AirPlay, the wireless streaming feature many Apple users rely on daily, may be more vulnerable than you think. Cybersecurity firm Oligo has revealed several flaws in Apple’s AirPlay system that could let hackers take control of your devices and spread harmful software across your entire network.

These flaws—found in both the AirPlay protocol and the software developers use to build AirPlay features—were discovered by Oligo’s security researchers and reported by Wired on June 28. The vulnerabilities the team named “AirBorne” could allow hackers to break into your network if you’re not careful.

How the AirPlay bugs work

Oligo says two of the bugs are what experts call “wormable.” That means a hacker could take over a single AirPlay device and use it to spread malware across every other device connected to the same network. While this might sound alarming, the attacker must be on your Wi-Fi network — they can’t break in from the outside.

If they are on your network, the risks increase. Oligo warns that attackers could run their code on your devices (a method known as an RCE, or remote code execution, attack). They could steal your files, listen to conversations, and even show unwanted images on screens like smart TVs or speakers. In one case, the team showed how an AirPlay-enabled Bose speaker could display a hacker-controlled image or eavesdrop by turning on the speaker’s microphone.

The threat isn’t limited to Apple-made devices either. Oligo points out that many third-party products — such as smart TVs, standalone speakers, and home theatre systems — use AirPlay. These may still be vulnerable if they haven’t received security updates.

Public Wi-Fi and CarPlay risks

You might feel secure at home, but Oligo warns that the dangers grow when you connect to public networks like cafes, airports, or hotels. If your iPhone, iPad, or MacBook uses an older version of Apple’s software and connects to a shared Wi-Fi network, you could unknowingly open yourself to attack.

The risk also extends to CarPlay, the Apple system used in vehicles. According to Oligo, hackers could carry out an RCE attack through a car’s Wi-Fi hotspot — especially if the default password hasn’t been changed. Once inside the system, they could display images on your dashboard screen or even track your car’s location.

Apple has responded — but you still need to update

Apple has already patched these bugs in its latest software updates, which means you should be protected if you’re using Apple’s most recent operating systems. However, the same can’t be said for third-party devices using AirPlay. While Apple has released patches that other companies can apply, it doesn’t directly control how or when they do so.

A cybersecurity expert told Wired that each manufacturer is responsible for updating their products—and that doesn’t always happen quickly.

Oligo reminds users that millions of third-party AirPlay devices are in homes and vehicles worldwide. CarPlay, in particular, is found in over 800 vehicle models. That means the potential for harm is widespread, especially for those who don’t regularly update their systems or use default passwords.

To protect yourself, ensure your devices are running the latest Apple software, avoid public Wi-Fi when possible, and constantly update any third-party gear you use for streaming.

Hot this week

StarHub celebrates 25 years of connection and innovation

StarHub celebrates 25 years of connecting Singapore, marking the milestone with island-wide festivities, giveaways, and new entertainment experiences.

Mac-style tools are coming to iOS 19 and iPadOS 19 to boost productivity

Apple is planning Mac-style updates in iOS 19 and iPadOS 19 to boost productivity, with features expected at WWDC 2025.

Ghost of Yotei is set to launch on PS5 this October with a new trailer and details

Ghost of Yotei arrives on PS5 this October with a new trailer, a thrilling story, and multiple game editions, including exclusive extras.

WhatsApp adds new Advanced Chat Privacy feature to boost group chat security

WhatsApp's new Advanced Chat Privacy feature helps stop group chat content from being shared or saved outside the app.

Google to end support for early Nest thermostats on October 25

Google will stop supporting first—and second-generation Nest thermostats on October 25 and end new Nest launches in Europe.

You can get DOOM: The Dark Ages free with select Nvidia graphics cards

Get DOOM: The Dark Ages Premium Edition free with select Nvidia RTX 50 GPUs until May 21, including in-game extras and early access.

Xiaomi enters China’s AI race with new model to power smart devices

Xiaomi joins China’s AI race with its new MiMo model, aiming to power devices with smarter tech and compete with big tech firms.

Samsung chip profits fall sharply due to US export controls and price drops

Samsung chip profits dropped 40% due to US export rules and price cuts as the company raced to catch up in AI memory production.

Chinese AI and robotics start-ups back Xi’s push for technological self-reliance

Chinese AI and robotics start-ups vow self-reliance after Xi visits Shanghai, showcasing innovation and commitment to homegrown tech.

Related Articles

Popular Categories