Don't Just Read the News, Understand It.
Get Started
SubscribeLogin
Israel-Hamas Conflict
Donald Trump
Artificial Intelligence
Elon Musk
Social Media
Nintendo
Eid
World Cup
Republican Party
Soccer
US Politics
Tesla
Senate
Published loading...Updated

Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads

Summary by IT Security News - Cybersecurity, Infosecurity News
A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified in the iOS Activation Backend at the endpoint https://humb.apple.com/humbug/baa, allows attackers to inject unauthenticated XML… Read more → The post Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads appeared first on IT Security News.
DisclaimerThis story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.

5 Articles

All
Left
Center
Right
Programmez!Programmez!

Java or Swift? Apple Migrates a Security-Related Web Service

Apple offers a service dedicated to password verification: Password Monitoring. This service was historically written in Java. Several billion verification requests are made every day. The teams have completely rewritten this service in Swift. As a result: higher performance, higher load and constant availability. "The Password application, launched in the fall of 2024, helps users manage their passwords, access keys and verification codes. It a…

Read Full Article
Digital PhabletDigital Phablet

How Apple Intelligence Helps Robbers Bypass Siri Security - Digital Phablet

Have you ever wondered if there’s a way to unlock your iPhone without Face ID or a passcode? Recently, my mom and I discovered a glitch with Siri that allows this. While it’s concerning, it highlights an important issue with phone security that needs attention. Here’s how we found it and what you should know to protect your data. How We Discovered the Glitch While trying out different Siri commands, we realized that there was a way to access the…

Read Full Article
cybernoz.comcybernoz.com

Apple IOS Activation Flaw Enables Injection Of Unauthenticated XML Payloads - Cybernoz - Cybersecurity News

A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified in the iOS Activation Backend at the endpoint https://humb.apple.com/humbug/baa, allows attackers to inject unauthenticated XML .plist payloads without any form of sender verification or signature validation. Tested on the latest stable iOS 18.5 release as of May 2025, the …

Read Full Article
GBHackers On SecurityGBHackers On Security
Reposted by
IT Security News - cybersecurity, infosecurity newsIT Security News - cybersecurity, infosecurity news

Apple iOS Activation Flaw Enables Injection of Unauthenticated XML Payloads

A severe vulnerability in Apple’s iOS activation infrastructure has been uncovered, posing a significant risk to device security during the setup phase. This flaw, identified in the iOS Activation Backend at the endpoint https://humb.apple.com/humbug/baa, allows attackers to inject unauthenticated XML .plist payloads without any form of sender verification or signature validation. Tested on the latest […] The post Apple iOS Activation Flaw Enabl…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • There is no tracked Bias information for the sources covering this story.
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

GBHackers On Security broke the news in on Tuesday, June 3, 2025.
Sources are mostly out of (0)

Similar News Topics

Apple

Apple

Siri

Siri

iPhone

iPhone

News
For You
SearchBlindspotLocal