iOS 16.1.1, iPadOS 16.1.1, and macOS 13.0.1 Ventura close a couple of concerning security vulnerabilities related to libxml2. Update soon to protect yourself.

A macOS 13.0 Ventura bug revolving around Full Disk Access permissions is preventing real-time protection features in security software from operating. Thomas Reed of Malwarebytes shares a workaround until Apple fixes the bug in macOS 13.1.

Apple has created a new Apple Security Research website to centralize all of the company’s security resources.

Apple has released iOS 15.7.1 and iPadOS 15.7.1 to address numerous vulnerabilities on iPhones and iPads that either haven’t upgraded or can’t upgrade to iOS 16 and iPadOS 16. Update such devices as soon as possible.

Howard Oakley explains App Translocation, a macOS security mechanism that protects against malicious plug-ins within benign apps but can occasionally cause first-launch crashes.

A few months ago, Apple quietly updated Monterey, Big Sur, and Catalina with XProtect Remediator, a new malware scanner built into XProtect, so your Mac is now regularly checking for malware in the background. Howard Oakley uncovered it and offers some technical details.

Apple has released iOS 12.5.6 to fix a serious WebKit vulnerability for older models of the iPhone, iPad, and iPod touch. It has been exploited in the wild, so update immediately if you’re still using one of those classics.

Streaming service Plex is warning users to change their passwords after user data was compromised. Here’s how to do so.

Apple’s AirTag and other Find My trackers—along with Find My-tracked Apple devices—may be too aggressive about telling you where they are—or aren’t. They can be useful for tracking luggage and other valuables while traveling, particularly with others, but you will likely need to tune your settings to reduce notifications.

Evildoers are exploiting a pair of security vulnerabilities in iOS, iPadOS, and macOS 12 Monterey, so Apple has released focused updates to thwart them. Don’t delay, update today.

Meta’s Instagram and Facebook iOS apps open external links in an in-app browser instead of Safari, enabling them to inject custom JavaScript code into every website you visit using the in-app browser.

If you need to get rid of a Mac or external drive, how do you ensure that no one can access the data on it? Adam Engst runs through the various methods you can employ, one or more of which should address your situation.

After failing to receive SMS text messages from five financial services websites that use them for two-factor authentication codes, Adam Engst resolved his problem with a quick call to T-Mobile to remove an automatically created system-level block on those numbers.

Apple announced it will add an enhanced security mode to this year’s planned operating system updates to deter government-level spyware.

While the Russian military attempts to level Ukrainian cities, Russian intelligence agencies have targeted the rest of the world online. Microsoft offers early insights into what its threat intelligence team has learned on the digital front lines.