If you often stream music or mirror your iPhone screen using AirPlay, or rely on CarPlay in your car, you might want to pay close attention. Security experts have found serious flaws in Apple’s wireless sharing features that could let hackers break into your devices.
Cybersecurity company Oligo recently found a group of vulnerabilities in Apple’s AirPlay system and software development kit. These issues can be used by attackers to spread malware across all devices on a shared network, Wired reports.
Researchers describe the vulnerabilities and attacks they enable as “AirBorne.” According to Oligo, two of the bugs are “wormable” and could allow hackers to take control of one AirPlay-enabled device and then quickly infect other gadgets connected to the same network. The only catch is that the attacker needs to be on the same Wi-Fi as the target.
Also read: Apple iPhone 17 Air leaked render reveals ultra thin design, pill shaped camera layout: Here’s everything we know
Once in, hackers could do a lot of damage — like running malicious code on your devices, getting access to personal files, or even launching denial-of-service (DoS) attacks that crash your device. They could also do creepy things like display strange images on your smart speaker or even use its microphone to listen to what’s going on around it.
Although Apple has already fixed these bugs with software updates, the problem isn’t completely solved. That’s because there are many third-party devices that support AirPlay but aren’t made by Apple.
While the chances of a hacker being on your home network are relatively low, AirBorne attacks could still occur if you connect to a public Wi-Fi network using an AirPlay-enabled device that hasn’t been updated with the latest Apple software.
Also read: Apple iPhone 17 Pro Max release timeline, camera, design, features, price and all other leaks
CarPlay is also affected. Oligo says hackers “could execute an RCE attack” by connecting to a car’s Wi-Fi if it’s still using a default or easy-to-guess password. Hackers could show unwanted images on the car’s screen or even track the vehicle’s location.