RPRNA

Search results for: “security”

  • Navigating the Digital Labyrinth: A 2025 cybersecurity reading list

    Navigating the Digital Labyrinth: A 2025 cybersecurity reading list

    The digital landscape is in constant flux. From debates surrounding social media regulation to emerging hardware vulnerabilities and the ever-shifting terrain of internet governance, staying informed about cybersecurity is more critical than ever. This year, I’m diving deep into the world of digital security, and I wanted to share my growing reading list and recommended resources for anyone embarking on or continuing their journey into Apple security in 2025.

    This exploration comes after a particularly eventful period. Recent headlines, including discussions around social media platform restrictions, newly discovered hardware vulnerabilities, and renewed debates on net neutrality, highlight the dynamic nature of the digital realm. It’s a reminder that constant learning and adaptation are essential in this field.

    For those serious about understanding the intricacies of Apple’s security protocols, there are some fundamental resources that shouldn’t be overlooked. While they might not be the most captivating reads, they offer invaluable insights into the security concepts and technologies underpinning Apple’s products. Consider these your foundational texts:

    • Apple Platform Security Guide (December 2024): This comprehensive document delves into various facets of Apple’s security framework, covering hardware security, system security, encryption and data protection, app security, services security, and iCloud data security. It’s a deep dive into the technical details, offering a thorough understanding of how Apple safeguards its ecosystem.
    • The NIST Cybersecurity Framework (CSF) 2.0: This framework provides a standardized approach to managing cybersecurity risk. It’s a valuable resource for understanding best practices and industry standards in cybersecurity.
    • Apple Security Research Blog: This blog offers insights into Apple’s ongoing security research and discoveries. It’s a valuable resource for staying up-to-date on the latest security developments within the Apple ecosystem.

    Beyond official documentation, books offer a more narrative and engaging way to explore cybersecurity concepts. Finding resources specifically focused on Apple security can be a challenge, but there are some gems worth seeking out. I was particularly excited to learn about the upcoming second volume of Patrick Wardle’s “The Art of Mac Malware.” The first volume was an excellent guide to malware analysis, and I eagerly anticipate the insights the second volume will provide on malware detection.

    Here are some books currently on my reading list:

    • The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software (Reread): This book provides a practical guide to dissecting and understanding malicious software targeting macOS. It’s an essential resource for anyone interested in malware analysis.
    • The Art of Mac Malware, Volume 2: Detecting Malicious Software – by Patrick Wardle: Building upon the first volume, this book will delve into techniques for detecting malicious software on macOS systems.
    • The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage – by Cliff Stoll: This classic recounts the true story of a hunt for a hacker infiltrating computer systems. It’s a captivating tale that highlights the early days of cyber espionage.
    • The Art of Invisibility – by Kevin Mitnick: Written by a former hacker, this book explores techniques for protecting privacy and security in the digital age. It offers practical advice on safeguarding personal information in an increasingly connected world.
    • Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers – by Andy Greenberg: This book delves into the world of state-sponsored cyberattacks, focusing on the activities of the Russian hacking group Sandworm. It provides a chilling look at the potential consequences of cyber warfare.
    • Threat Hunting macOS – by Jaron Bradley (ETA unknown): This upcoming book promises to provide valuable insights into proactive threat hunting techniques for macOS environments.
    • Weapons of Math Destruction: How Big Data Increases Inequality and Threatens Democracy – by Cathy O’Neil: This book explores the potential for algorithms and big data to perpetuate bias and inequality. It raises important questions about the ethical implications of data-driven decision-making.

    Looking back at my reading from the previous year, several books stand out as particularly noteworthy:

    • This Is How They Tell Me the World Ends – by Nicole Perlroth: This book explores the vulnerabilities of the global digital infrastructure and the potential for catastrophic cyberattacks.
    • Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker – by Kevin Mitnick: Another captivating memoir from Kevin Mitnick, this book recounts his experiences as a notorious hacker.
    • Cult of the Dead Cow – by Joseph Menn: This book tells the story of the influential hacker group Cult of the Dead Cow and its impact on the cybersecurity landscape.
    • After Steve: How Apple Became a Trillion-Dollar Company and Lost Its Soul – by Tripp Mickle: While not strictly about security, this book offers insights into Apple’s corporate culture and its evolution, which can indirectly influence security priorities.

    I believe that staying informed about cybersecurity is a continuous process. I’m always eager to discover new resources and perspectives. I encourage everyone to share any recommended books, articles, or resources that they’ve found valuable. Collective learning and knowledge sharing are essential in navigating the ever-evolving world of digital security.

  • American-Made Apple Chips: A step closer to reality, alongside new security concerns

    American-Made Apple Chips: A step closer to reality, alongside new security concerns

    The landscape of technology manufacturing is shifting. A significant development in this shift is the near completion of the first US-based facility dedicated to producing A-series chips for Apple devices. This move, hailed as a victory for domestic production, comes alongside new security concerns regarding iPhone vulnerabilities and evolving scam tactics.

    The journey towards “Made in America” Apple chips began in 2022, spurred by the US CHIPS Act. This government initiative aims to reduce American reliance on overseas chip production, particularly in China, and to stimulate domestic job creation. The plan involves establishing several TSMC (Taiwan Semiconductor Manufacturing Company) fabrication plants in Arizona, with some production lines specifically allocated for Apple’s processors, initially for older devices.

    While initial projections aimed for mass production to commence in 2024, the project faced delays, pushing the timeline into the current year. Further, the production of more advanced 2nm chips has been postponed until 2028. Early concerns arose about the practicality of the initial plant, with worries that the output would need to be shipped back to Taiwan for the crucial “packaging” process, which integrates various circuit boards into a single chip. However, Apple later addressed this by announcing plans for a US-based packaging facility.

    The construction of these plants has not been without controversy. TSMC’s hiring practices have drawn criticism, with a significant number of workers being brought in from Taiwan rather than being recruited locally in the US. While the company initially explained this as a temporary measure during the construction phase, the situation persisted, leading to accusations of “anti-American discrimination” and even a lawsuit.

    Despite these challenges, a recent report suggests that the first plant is on the verge of commencing mass production. This implies that test production has already been successfully completed, with Apple now in the final stages of verifying the quality of the chips produced in Arizona. The first commercially mass-produced chips are anticipated as early as this quarter, pending the completion of final quality assurance checks. This marks a significant milestone in bringing chip production back to American soil.

    Security Vulnerabilities and Evolving Scams: A Double-Edged Sword

    While the news of domestic chip production offers a positive outlook, recent discoveries have highlighted potential security vulnerabilities in iPhones. A security researcher, Thomas Roth, identified a vulnerability in the USB-C controller chip present in the iPhone 15 and 16 models. This vulnerability, in theory, could be exploited to compromise an iPhone.

    The vulnerability lies within the ACE3 USB-C controller, a chip introduced in 2023, which manages power delivery and acts as a sophisticated microcontroller with access to critical internal systems. Roth’s team demonstrated the ability to gain code execution on the ACE3 chip by carefully measuring electromagnetic signals during the chip’s startup process and using electromagnetic fault injection to bypass firmware validation checks. This could, theoretically, grant an attacker complete control over the device.

    However, exploiting this vulnerability is exceptionally complex and requires physical access to the device. Both Apple and Roth himself have concluded that it does not pose a realistic threat to users in real-world scenarios.

    A more pressing security concern involves evolving tactics used by scammers exploiting iMessage. Scammers commonly use SMS and iMessage to distribute phishing links and attempt to install malware. To combat this, iPhones automatically disable links in messages received from unknown senders. These links appear as plain text and are not tappable.

    However, scammers have devised a workaround. By enticing users to reply to their messages, even with a simple “STOP” command, they can bypass this protection. Replying to the message, even with a single character, signals to the iPhone that the user has interacted with the sender, thus legitimizing the message and re-enabling the links. This means users are tricked into making the links live themselves.

    This tactic has become increasingly prevalent, with numerous examples of fraudulent messages impersonating legitimate organizations like USPS or toll road companies. These messages often prompt users to reply with a single character, such as “Y,” to activate the malicious links.

    Staying Safe in a Digital World

    In light of these evolving threats, users must remain vigilant. The most effective way to protect oneself is to exercise extreme caution with links received in any form of electronic communication. Never click on links in emails, text messages, or other messages unless you are absolutely certain of their legitimacy.

    A best practice is to rely on saved bookmarks or manually type URLs into your browser, especially for sensitive websites. If you have any doubts about the authenticity of a message, contact the purported sender directly using known contact information to verify its legitimacy. These simple precautions can significantly reduce the risk of falling victim to scams and compromising your personal information.

  • The Future of Home Security: Schlage unveils revolutionary hands-free smart lock

    The Future of Home Security: Schlage unveils revolutionary hands-free smart lock

    The landscape of home security is about to change dramatically with Schlage’s announcement of its groundbreaking Sense Pro Smart Deadbolt. This isn’t just an incremental improvement; it’s a complete reimagining of how we interact with our front doors. Eschewing the traditional keyhole entirely, the Sense Pro is designed for the smartphone age, offering seamless, hands-free entry through cutting-edge technology. 

    This innovative deadbolt leverages the power of Matter-over-Thread for robust smart home integration, ensuring compatibility with a wide range of platforms, including Apple’s HomeKit. But the true game-changer is its integration of Ultra Wideband (UWB) technology.

    This precision-based technology allows the lock to accurately measure distance, speed, and trajectory, enabling truly hands-free unlocking. Imagine approaching your door with your hands full of groceries; the Sense Pro will recognize your approach and unlock it automatically, providing an unparalleled level of convenience. 

    The Sense Pro isn’t solely reliant on UWB. Recognizing the need for versatility, Schlage has also incorporated NFC technology for tap-to-unlock functionality. This provides a reliable backup option and caters to users who prefer a more traditional approach. Furthermore, a built-in keypad offers yet another layer of access, allowing entry via a personalized code. This multi-faceted approach ensures that users always have a way to access their homes, regardless of the situation. 

    This new lock from Schlage is poised to be among the first to fully utilize the hands-free unlocking capabilities powered by UWB chips in smartphones, particularly iPhones. Apple’s introduction of “Express Mode” in iOS 18 hinted at this future, but the necessary hardware wasn’t yet available. The Sense Pro bridges that gap, ushering in a new era of keyless entry.

    Beyond the hardware, Schlage is also developing a completely redesigned Schlage Home app. This new app promises a more intuitive and user-friendly interface, simplifying remote lock management and providing users with greater control over their home security. While pricing details are yet to be released, Schlage has confirmed that the Sense Pro Smart Deadbolt will be available for purchase later in 2025. This announcement has generated considerable excitement in the smart home community, with many anticipating the arrival of this truly innovative product.  

    Apple Addresses AI Accuracy Concerns with Upcoming Update

    In other news, Apple has acknowledged concerns regarding the accuracy of its Apple Intelligence feature, particularly its notification summarization capabilities. Following several instances of inaccurate and even misleading summaries, Apple has announced an upcoming software update designed to improve the feature’s reliability and transparency. 

    Apple Intelligence, currently in beta and available on compatible devices running iOS 18.1 and later, aims to streamline notification management by grouping notifications from the same app and providing concise, one-sentence summaries. While this feature has the potential to be incredibly useful, recent incidents have highlighted the challenges of relying on AI to accurately interpret and summarize complex information. 

    One particularly concerning incident involved Apple Intelligence generating false notification headlines for BBC News, including incorrect sports results and fabricated celebrity news. These errors prompted BBC News to call on Apple to take action, emphasizing the potential damage to public trust in established news organizations. 

    This wasn’t an isolated incident. Previous errors included misinterpreting a news story about Israeli Prime Minister Benjamin Netanyahu and generating a misleading headline about a murder suspect. These incidents underscore the limitations of current AI technology in accurately processing nuanced information.

    In response to these concerns, Apple has issued a statement assuring users that improvements are on the way. The upcoming software update will provide clearer indicators when a notification has been summarized by Apple Intelligence, giving users more context and preventing confusion. Apple has also encouraged users to report any unexpected or inaccurate notification summaries to further aid in the feature’s development. While Apple Intelligence notification summaries are an opt-in feature and can be disabled, Apple’s commitment to improving its accuracy is a positive step toward ensuring its long-term viability. 

    iOS 18.2.1 Released with Important Bug Fixes

    Finally, Apple has released iOS 18.2.1 and iPadOS 18.2.1, minor updates addressing important bugs and improving overall system stability. These updates arrive almost a month after the release of iOS 18.2 and iPadOS 18.2. 

    The new software is available for download on compatible iPhones and iPads via over-the-air updates. Users can access the update by navigating to Settings > General > Software Update. Apple’s release notes state that iOS 18.2.1 addresses important bugs and recommends the update for all users. These kinds of updates are crucial in maintaining a smooth and secure user experience.

    Looking ahead, Apple is currently testing iOS 18.3 and iPadOS 18.3, with a projected release date sometime in late January. These ongoing updates demonstrate Apple’s commitment to continuously improving its operating systems and providing users with the best possible experience.

  • Decoding macOS Security: A deep dive into XProtect and malware defense

    Decoding macOS Security: A deep dive into XProtect and malware defense

    The digital landscape is constantly evolving, and with it, the threats that target our devices. For Mac users, the built-in security suite, XProtect, stands as a crucial first line of defense. But how effective is it? What exactly does it protect against? This article delves into the inner workings of XProtect, exploring its components, detection methods, and the specific malware it targets, offering a comprehensive look at macOS security in 2025. 

    My journey into the world of macOS security has been a fascinating one. From attending security conferences in unexpected locations, like my trip to Kyiv for Objective-See’s Objective by the Sea v2.0, to engaging with leading security experts, I’ve gained invaluable insights into the ever-present battle against malware. This exploration culminates in a detailed examination of XProtect, a topic I began investigating last year and have continued to refine as Apple updates its defenses.

    XProtect: More Than Just a Malware Blocker

    Introduced in macOS X 10.6 Snow Leopard back in 2009, XProtect initially served as a simple malware detector, alerting users to potentially harmful files during installation. However, it has evolved significantly over the years. The 2022 retirement of the Malware Removal Tool (MRT) marked a turning point, paving the way for XProtectRemediator (XPR), a more sophisticated anti-malware component responsible for both detecting and removing threats. 

    XProtect’s strength lies in its use of Yara rules, an open-source tool that identifies malware based on specific patterns within its code or metadata. This allows Apple, and indeed anyone, to create custom detection rules.  

    Today, the XProtect suite comprises three key components:

    • XProtect App: This component uses Yara rules to scan applications upon launch, modification, or signature updates, detecting known malware.

      XProtectRemediator (XPR): XPR takes a more proactive approach, regularly scanning the system for threats using Yara rules and other methods. These scans occur in the background during periods of low activity, minimizing performance impact.

      XProtectBehaviorService (XBS): Introduced more recently, XBS monitors system behavior, looking for suspicious activity related to critical resources.

    The Challenge of Obfuscated Signatures

    One of the challenges in understanding XProtect’s capabilities is Apple’s use of internal naming schemes for its Yara rules. While this obfuscation serves a security purpose, it makes it difficult to pinpoint the exact malware being targeted. For instance, while some rules have relatively clear names like XProtect_MACOS_PIRRIT_GEN (targeting Pirrit adware), many are given generic names like XProtect_MACOS_2fc5997 or internal codenames like XProtect_snowdrift.

    This is where the work of security researchers like Phil Stokes of Sentinel One Labs and independent researcher Alden becomes crucial. Stokes maintains a public repository on GitHub that maps Apple’s obfuscated signatures to common malware names recognized by security vendors and public scanners like VirusTotal. Alden has made significant strides in understanding XPR’s functionality by extracting Yara rules directly from its scanning modules. 

    Locating XProtect on Your Mac

    XProtect is enabled by default on all macOS installations and operates silently in the background. Updates are also automatic. To locate XProtect on your system: 

    1. Open Finder and navigate to Macintosh HD > Library > Apple > System > Library > CoreServices.
    2. Locate “XProtect” and right-click (or Control-click).
    3. Select “Show Package Contents.”
    4. Navigate to Contents > MacOS.

    Important Note: While XProtect provides a solid baseline of protection, it primarily focuses on known threats. Relying solely on XProtect is not advisable. Employing reputable third-party anti-malware solutions is strongly recommended for enhanced security.

    XProtectRemediator v147: A Look at the Malware Arsenal

    XPR’s scanning modules are responsible for malware removal. Examining version 147 reveals a targeted approach against a variety of threats. Here’s a breakdown of some of the identified remediators:

    • Adload: This adware and bundleware loader has been targeting macOS users since 2017, demonstrating a persistent threat. Recent XProtect updates have significantly improved the detection of this malware.
    • BlueTop: Identified as a Trojan-Proxy campaign documented by Kaspersky in late 2023.
    • ColdSnap: Likely targeting the macOS version of the SimpleTea malware, a Remote Access Trojan (RAT) with ties to the 3CX breach and similarities to Linux and Windows variants.
    • Crapyrator: Identified as macOS.Bkdr.Activator, a large-scale malware campaign discovered in February 2024, potentially aimed at creating a macOS botnet or distributing further malware.

      DubRobber (XCSSET): A versatile and concerning Trojan dropper.

    • Genieo: A widely known potentially unwanted program (PUP).

      KeySteal: A macOS information stealer first observed in 2021 and added to XProtect in February 2023.

    • Pirrit: An adware family known for injecting ads, collecting browsing data, and manipulating search results.
    • RankStank: Linked to the 3CX supply chain attack attributed to the Lazarus Group.
    • SnowDrift: Identified as the CloudMensis macOS spyware.
    • Trovi: A cross-platform browser hijacker similar to Pirrit, known for redirecting searches, tracking browsing history, and injecting ads.

    Several other remediators, such as BadGacha, CardboardCutout, FloppyFlipper, GreenAcre, RoachFlight, SheepSwap, ShowBeagle, ToyDrop, and WaterNet, remain unidentified at this time, highlighting the ongoing effort to decipher XProtect’s full capabilities.

    The Ongoing Evolution of macOS Security

    The fight against malware is a constant arms race. Apple continuously updates XProtect to address emerging threats, and security researchers work tirelessly to uncover the intricacies of its defenses. By understanding the components and capabilities of XProtect, Mac users can gain a deeper appreciation for the built-in security measures and make informed decisions about their overall security posture. While XProtect provides a valuable layer of protection, combining it with reputable third-party security software remains the most effective approach to safeguarding your Mac in today’s complex digital world.

  • Exciting updates coming to your Mac with macOS 15.4

    Exciting updates coming to your Mac with macOS 15.4

    Apple is gearing up to roll out macOS 15.4 next month, bringing some cool new features to your Mac. First up, the Passwords app is getting a handy upgrade. You’ll see a timer for verification codes right in the menu bar, making it easier to know when they expire.

    Another neat addition is Quick Start, a feature iPhone and iPad users already love. It lets you set up a new Mac quickly by scanning a code with your phone to transfer settings. The Mail app is also getting a fresh look with better inbox sorting, and Apple Intelligence will soon support more languages beyond English.

    These updates promise to make your Mac experience smoother and smarter. Meanwhile, Apple’s new Passwords app is stirring up some buzz. Is it good enough to ditch your current password manager? It’s simple to use, with sections for passwords, Wi-Fi logins, and security alerts, all synced across your Apple devices.

    You can even access it on Windows through iCloud. But it’s not perfect—there’s no support for Android or web browsers, and it lacks extras like secure notes or two-factor authentication that apps like 1Password offer. It’s a solid start, especially for beginners, but if you’re used to more advanced tools, it might not fully replace them yet.

    These changes show Apple’s focus on making things easier and safer for users. The macOS 15.4 update, paired with the Passwords app, could be a game-changer for everyday tasks. Whether you’re setting up a new Mac or managing logins, these tools aim to save time and boost security. Still, if you rely on a mix of devices or need more features, you might stick with your trusty password manager for now. Either way, Apple’s latest moves are worth checking out when they land next month!

  • Apple TV losing big money yearly and SpyX leak hits iPhone users hard

    Apple TV losing big money yearly and SpyX leak hits iPhone users hard

    Apple TV is bleeding cash, dropping around $1 billion each year, according to a recent report. The streaming service, meant to compete with giants like Netflix and Amazon, just isn’t pulling in enough viewers or profits. Experts say Apple keeps pouring money into big-name shows and movies, but the audience isn’t growing fast enough to make up for it.

    Even with popular titles, the costs are piling up way faster than the cash coming in. This has sparked chatter about whether Apple needs to rethink its game plan—maybe tweak pricing, push more ads, or find cheaper ways to create content. For now, the company’s deep pockets are keeping it afloat, but how long can that last?

    Meanwhile, a massive data leak from SpyX, a sneaky stalkerware app, has put millions of iPhone users at risk. This nasty software lets people secretly track others—think call logs, texts, and even locations—without them knowing. The breach spilled personal info from tons of victims, leaving them open to scams or worse.

    Reports say SpyX was sneaky enough to slip past Apple’s tight security, raising big questions about how safe iPhones are. Users are now being told to watch for weird phone behavior and update their devices fast. This mess has sparked a firestorm, with people demanding Apple step up and crack down harder on shady apps like this.

    Both stories show how tricky the tech world can be. Apple’s burning cash to keep its TV dream alive, while iPhone fans are dealing with a creepy privacy scare. The company’s got a lot on its plate—figuring out how to make streaming pay off and keeping users safe from leaks. For now, Apple TV’s losses and the SpyX disaster are tough reminders that even the biggest names can stumble. Fans are left wondering: can Apple bounce back from these hits, or are more bumps ahead? Only time will tell, but it’s clear the pressure’s on.

  • Apple’s iPhone ID feature expands to more U.S. states, but it’s taking time

    Apple’s iPhone ID feature expands to more U.S. states, but it’s taking time

    In some U.S. states, people can now store their driver’s license or state ID in the Wallet app on their iPhone or Apple Watch. This handy, no-touch option lets them show who they are or how old they are at certain airports, stores, or apps without pulling out a physical card. Sadly, this cool tool is spreading slowly. Apple first shared the idea back in September 2021, and over three years later, only nine states plus Puerto Rico have it ready.

    States Where It Works

    Here’s where you can use it now:

    • Arizona (started March 2022)
    • Maryland (started May 2022)
    • Colorado (started November 2022)
    • Georgia (started May 2023)
    • Ohio (started July 2024)
    • Hawaii (started August 2024)
    • California (started September 2024)
    • Iowa (started October 2024)
    • New Mexico (started December 2024)
    • Puerto Rico has it too!

    States Coming Soon

    Apple says these places plan to add it later:

    • Montana
    • West Virginia
    • Connecticut
    • Kentucky
    • Mississippi
    • Oklahoma
    • Utah
    • Illinois

    Also, Japan will join in with its My Number Card when iOS 18.4 comes out in early April.

    Airports That Accept It

    You can use the Wallet ID at security checks in these airports:

    • Baltimore/Washington (BWI)
    • Reagan National (DCA)
    • Phoenix (PHX)
    • Denver (DEN)
    • Atlanta (ATL)
    • Cincinnati (CVG)
    • Columbus (CMH)
    • San Francisco (SFO)
    • San Jose (SJC)
    • Los Angeles (LAX)
    • Honolulu (HNL)
    • Des Moines (DSM)
    • Cedar Rapids (CID)
    • Albuquerque (ABQ)
    • Hobbs (HOB)
    • San Juan (SJU)

    Apple suggests checking TSA signs at the airport to be sure it’s accepted. The TSA website has more info too. The Wallet ID also works to prove your age or identity at some U.S. shops or spots, but Apple doesn’t list which ones yet. Even though it’s growing, the wait for more states and places to catch on feels long!

  • Apple fixes password app flaw that risked user safety

    Apple fixes password app flaw that risked user safety

    Apple recently patched a problem in its Passwords app with the iOS 18.2 update in December. This flaw had put users at risk of phishing attacks for three months, ever since iOS 18 came out.

    What Went Wrong with the Passwords App

    A report from 9to5Mac highlighted an Apple security note revealing that the Passwords app was sending unprotected requests for website logos and icons tied to saved passwords. Normally, encryption keeps this data safe, but without it, anyone on the same Wi-Fi network could trick users into visiting a fake site designed to steal their login info. Security experts from Mysk first noticed this issue and told Apple about it in September.

    How Apple Described the Fix

    In the iOS 18.2 security notes, Apple explained the problem simply:

    • Effect: Someone with network access might steal private details.
    • Solution: The app now uses HTTPS to send data securely.

    Apple also confirmed they fixed this across other devices like Macs, iPads, and Vision Pros, not just iPhones.

    Why It Matters

    This glitch left users exposed for months, but Apple’s update finally closed the gap. It’s a reminder that even big companies can miss things—though they acted once the issue was clear. If you’re on iOS 18, grabbing the latest update keeps your info safer from sneaky attacks like these.

  • Apple updates MagSafe charger software and ends support for iOS 18.3.1

    Apple updates MagSafe charger software and ends support for iOS 18.3.1

    Apple recently rolled out a software update for its 25W MagSafe Charger, which works with iPhone 12 and newer models, as well as the latest AirPods. The new software version is 2A146, an upgrade from the earlier 2A143 released this year. In the Settings app, this update shows as version 136, up from 133.

    The 2024 MagSafe Charger debuted with the iPhone 16 lineup and can power those devices at a speedy 25W. For older models, like the iPhone 12 through iPhone 15, it charges at a slower 15W.
    Apple pushes these updates wirelessly and doesn’t share detailed notes about them. So, we’re not sure what improvements or fixes this version brings. To update your MagSafe Charger, plug it in and connect it to an Apple device—there’s no manual way to start the process. Want to check your charger’s software version? Follow the steps in our MagSafe Charger guide.

    In other news, Apple has stopped supporting iOS 18.3.1 as of today. This means iPhone users who’ve moved to iOS 18.3.2 can’t switch back to the older version. Apple launched iOS 18.3.2 on March 10. This move isn’t surprising—Apple often phases out older iOS versions after a new one arrives. Unsigned software can’t be installed because of a server check, blocking users from loading outdated iOS on their iPhones. Right now, iPhones that run iOS 18 can only use iOS 18.3.2.

    By doing this, Apple makes sure devices stay up to date with the latest security upgrades. The iOS 18.3.2 update included key fixes, including one for a flaw that might have been actively targeted by attackers. Keeping your iPhone on the newest software helps protect it from potential risks.

  • Apple makes storage info clear again in macOS 15.4 and fixes iCloud Mail trouble with iOS 18.3.2

    Apple makes storage info clear again in macOS 15.4 and fixes iCloud Mail trouble with iOS 18.3.2

    Apple recently updated macOS 15.4, and in its second beta version released this month, they hid how much space Apple Intelligence uses on a Mac. This change happened in the System Settings, making it tough for users to see the details.

    After some people thought Apple was trying to keep the storage size of Apple Intelligence a secret, the company quickly fixed it. With the fourth beta of macOS 15.4 out now, Apple brought back an easy way to check this info. You can find it by going to System Settings > General > Storage, then clicking the info button next to the macOS entry. A little window pops up showing the macOS version and how much space Apple Intelligence takes. This is the same setup as in the current macOS Sequoia 15.3.2.

    Some think the missing storage info in the earlier beta was just a mistake. Users who turned off System Integrity Protection (SIP)—a security feature that stops unsafe code from running—could still see the details. SIP is usually on for most people and can only be switched off in Recovery Mode, something developers do more often. Since Apple brought the info back for everyone, it might’ve been an accident, but we’re not sure.

    Apple says Apple Intelligence can use up to 7GB of space on a Mac, though some users notice it takes even more in macOS Sequoia 15.4. It needs this space to store special files that let it work on your device without always needing the internet. If you don’t want it using space, you can turn off Apple Intelligence.

    Meanwhile, the iOS 18.3.2 update from last week has caused problems for some iCloud Mail users. People on Reddit and forums like MacRumors say new emails aren’t showing up on their iPhones automatically after the update. Even with the right settings, they have to refresh the Mail app manually to see new messages. One Reddit user shared, “Since updating to iOS 18.3.2, my iCloud emails don’t come through on their own. I have to refresh, even though it worked fine before on 18.3.1.”

    Normally, iCloud Mail uses Push to send emails to your phone instantly. If that’s not working, it should switch to Fetch, checking for new mail every so often. But for some, neither option is doing the job. Other email services like Microsoft seem fine, so this glitch is just with iCloud Mail. Apple likely knows about it, and a fix should come soon.

More posts