The small iOS 12.4.2 update fixes a vulnerability that could allow a remote attacker to cause application termination or arbitrary code execution. It's available only to devices that can run iOS 12 but not iOS 13.

Apple has quickly updated both iOS 13.1 and iPadOS 13.1 to version 13.1.1 to fix a variety of bugs and address the keyboard security issue.

A bug in iOS 13 and iPadOS 13 could let third-party keyboards have full access even if you didn’t allow it.

Logging into a new Apple device may result in a prompt that asks you for the passcode or password of another one of your devices. Glenn Fleishman explains why this happens and why it’s a good idea.

Google’s Project Zero security research team has released the details of a significant series of attacks against iOS. The vulnerabilities have all been patched now, and it appears the attacks may have been part of the Chinese government’s crackdown on the minority Uyghur Muslim community.

After a whistleblower revealed that Apple contractors were listening in on Siri conversations, Apple shut down the program and promised improvements. Here they are.

Apple has issued emergency updates for macOS 10.14 Mojave, iOS 12, watchOS 5, and tvOS 12 because it accidentally reintroduced a major security vulnerability in last month’s round of updates.

A security researcher has discovered that many popular iOS robocall-blocking apps share your data with third parties, often in violation of App Store guidelines.

A critical vulnerability has been found in the Bluetooth specification that could allow an attacker to intercept data transferred between devices. Thankfully, it’s hard to exploit, and Apple has already released updates to address the vulnerability.

The major browser makers—Apple, Google, and Mozilla—have all taken measures to block an attempt by the Kazakhstani government to spy on its citizens.

It turns out that so many people signed up to receive $125 cash instead of credit monitoring in the Equifax breach settlement that no one will receive much money. There’s nothing we can do about it, and that has many of us fuming.

Apple has temporarily suspended its Siri “response grading” program that had contractors listen in on Siri recordings. That’s good, but it’s unfortunate that it took media coverage to push the company to change its practices.

A search engine marketing consultant has shown that it’s simple to use Google AdWords and YouTube videos to further a specific agenda. That might be a good thing, such as by encouraging suicidal people to call a hotline, but it could equally as easily be used for evil.

Capital One has announced a security breach that affects approximately 100 million people in the United States and 6 million in Canada.

Security expert Jon Callas has written a four-part series for the ACLU on problems with the latest government proposal—this time from the UK’s GCHQ—to allow the government to listen in on encrypted communications. Spoiler: it won’t work.