Particle.news

Critical AirPlay Flaws Leave Millions of Devices Exposed Despite Apple Patches

Researchers warn that third-party AirPlay-enabled devices remain vulnerable to zero-click attacks as manufacturers lag behind in issuing updates.

Overview

  • Oligo Security uncovered 23 critical vulnerabilities, named 'AirBorne,' in Apple's AirPlay protocol, enabling zero-click attacks on devices within the same Wi-Fi network.
  • Apple released patches for its devices through iOS 18.4, macOS Sequoia 15.4, and tvOS 18.4 on March 31, addressing the flaws for its ecosystem.
  • Millions of third-party AirPlay-compatible devices, including smart speakers and CarPlay systems, remain unpatched, leaving users at risk of remote hacking and malware propagation.
  • Security experts strongly advise disabling AirPlay or restricting access to 'Current User' in device settings as a temporary mitigation measure.
  • AirPlay's always-on functionality, combined with the vulnerabilities, poses significant risks, particularly on shared and public Wi-Fi networks.