Apple has issued a critical warning to millions of iPhone and iPad users, urging them to update their devices immediately in response to the discovery of major security flaws. The company has also recommended disabling the AirPlay feature, which is at the center of a newly uncovered vulnerability referred to as the “AirBorne” flaw.
The alert follows findings from Israeli cybersecurity firm Oligo, which identified severe weaknesses in AirPlay—a feature that allows users to wirelessly stream content from Apple devices to compatible screens and speakers. These vulnerabilities reportedly permit cybercriminals to seize control of any AirPlay-enabled device sharing the same Wi-Fi network.
Critical AirPlay vulnerability puts billions of iPhone users at risk
A newly discovered flaw allows hackers to hijack devices via Wi-Fi. pic.twitter.com/pOG0U6nK5Y— Werner Lindemann (@GBTinman) May 21, 2025
Gal Elbaz, Oligo’s Chief Technology Officer, warned of the widespread impact, stating, “AirPlay is integrated into a vast range of devices, many of which may never receive security updates. The root of the problem lies in a single software component embedded across Apple’s ecosystem and third-party products using the AirPlay SDK.”
Oligo uncovered 23 distinct vulnerabilities that could enable attackers to carry out zero-click exploits. These attacks require no action from the victim and can result in unauthorized access to devices or data theft, posing a serious threat to personal privacy and security.
To minimize exposure, Apple users are advised to deactivate AirPlay receiver options via their settings, limit device access to “Current User” only, and consider using reputable security tools to prevent stealth AirPlay activity.
In a related development, India’s Computer Emergency Response Team (CERT-In) has also issued a high-priority alert warning iOS and iPadOS users of multiple critical flaws. These weaknesses may let intruders gain access to confidential data or even render devices unusable if exploited.
Apple device owners are strongly encouraged to update to the latest available software and follow recommended precautions to safeguard their systems against potential attacks.