#India is trying to block #ProtonMail, #Google adds (allegedly) private #AgeVerification to their Wallet app, millions of #Apple #Airplay devices are at risk, a new metasearch engine from #Waterfox, and more on this week's Surveillance Report!
YouTube: https://www.youtube.com/watch?v=-1jbiQYmpPc
Audio, RSS, and other sites: https://surveillancereport.tech
Billions of Apple & third-party devices are at risk from “AirBorne” flaws in #AirPlay. Oligo found 23 vulnerabilities enabling RCE & data theft. Update now!
Read: https://hackread.com/apple-devices-risk-airborne-airplay-vulnerabilities/
Latest issue of my curated #cybersecurity and #infosec list of resources for week #18/2025 is out!
It includes the following and much more:
France has linked Russian APT to 12 #cyberattacks on French Orgs.;
Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation;
#Vulnerabilities in Apple's #AirPlay Protocol;
New York's Metropolitan Transportation Authority plans to use #AI and cameras to detect potential subway crimes before they happen;
@SentinelOne Targeted by Chinese #PurpleHaze Group;
#Microsoft sets all new accounts #passwordless by default;
The #Trump administration plans to cut $491 million from #CISA's budget;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2025
Serious AirPlay gap: Users demand firmware update for old AirPort routers
Apple has not sold Wi-Fi routers since 2018, but some devices are still in use. But without a patch, they are now at risk. Users are demanding help.
Schwere AirPlay-Lücke: User fordern Firmware-Update für alte AirPort-Router
Seit 2018 verkauft Apple keine WLAN-Router mehr, dennoch sind einige Geräte weiter in Betrieb. Doch ohne Patch sind sie nun in Gefahr. Nutzer fordern Hilfe.
Chyba grubo. Przy okazji, dlaczego Rust 
"Apple’s AirPlay feature enables iPhones and MacBooks to seamlessly play music or show photos and videos on other Apple devices or third-party speakers and TVs that integrate the protocol. Now newly uncovered security flaws in AirPlay mean that those same wireless connections could allow hackers to move within a network just as easily, spreading malicious code from one infected device to another. Apple products are known for regularly receiving fixes, but given how rarely some smart-home devices are patched, it’s likely that these wirelessly enabled footholds for malware, across many of the hundreds of models of AirPlay-enabled devices, will persist for years to come.
On Tuesday, researchers from the cybersecurity firm Oligo revealed what they’re calling AirBorne, a collection of vulnerabilities affecting AirPlay, Apple’s proprietary radio-based protocol for local wireless communication. Bugs in Apple’s AirPlay software development kit (SDK) for third-party devices would allow hackers to hijack gadgets like speakers, receivers, set-top boxes, or smart TVs if they’re on the same Wi-Fi network as the hacker’s machine. Another set of AirBorne vulnerabilities would have allowed hackers to exploit AirPlay-enabled Apple devices too, Apple told Oligo, though these bugs have been patched in updates over the last several months, and Apple tells WIRED that those bugs could have only been exploited when users changed default AirPlay settings.
Those Apple devices aside, Oligo’s chief technology officer and cofounder, Gal Elbaz, estimates that potentially vulnerable third-party AirPlay-enabled devices number in the tens of millions."
Millions of #Apple #Airplay-Enabled Devices Can Be Hacked via Wi-Fi
https://www.wired.com/story/airborne-airplay-flaws/ #cybersecurity
Update anything that is compatible with Apple Airplay, if you can.
If you can't...be careful.
woah 
Wormable Zero-Click Remote Code Execution (RCE) in AirPlay Protocol
Forscher haben eine kritische #Sicherheitslücke in #Apple #AirPlay entdeckt. #Hacker können Geräte im selben WLAN ohne Passwort kapern. Nutzer sollen ihr #iPhone und alle anderen Geräte dringend updaten. https://winfuture.de/news,150658.html?utm_source=Mastodon&utm_medium=ManualStatus&utm_campaign=SocialMedia
I'll say it once, I'll say it again!
UPDATE YO SHIT!
Millions of AirPlay devices can be hacked over Wi-Fi; CarPlay too - 9to5Mac
https://9to5mac.com/2025/04/29/millions-of-airplay-devices-can-be-hacked-over-wi-fi-carplay-too/
Security alert! Oligo Security uncovers "AirBorne" flaws in Apple’s AirPlay, exposing iPhones, Macs, Apple TV & CarPlay to zero-click RCE attacks! 
Wormable exploits, data leaks & more-patch now if you haven’t updated! 
Read more: https://cyberinsider.com/airborne-flaws-expose-apple-devices-to-zero-click-rce-attacks/ #Apple #Cybersecurity #ZeroClick #AirPlay #newz
Serious gaps in AirPlay: Apple patches, other devices probably still vulnerable
Vulnerabilities allow AirPlay devices to be taken over, warn security researchers. There are patches for iPhones & Co, but it gets tricky with other hardware.
Schwere Lücken in AirPlay: Apple patcht, andere Geräte wohl weiter angreifbar
Schwachstellen erlauben die Übernahme von AirPlay-Geräten, warnen Sicherheitsforscher. Für iPhones & Co gibt es Patches, bei anderer Hardware wird es knifflig.
Tipp: iPhone vom automatischen AirPlay abhalten
Ihr iPhone wechselt plötzlich und unerwünscht vom HomePod auf ein Apple TV oder umgekehrt? Das können Sie dagegen tun.
Cisco: AirPlay for Teams Rooms and better Vision Pro support for WebEx
Cisco will better support Apple hardware with its WebEx and Teams solution in future. It's all about local streaming and spatial computing.
Cisco: AirPlay für Teams Rooms und besserer Vision-Pro-Support für WebEx
Cisco unterstützt Apple-Hardware mit seinen WebEx- und Teams-Lösung künftig besser. Es geht um lokales Streaming und Spatial Computing.
