Feedback & Followups
- The industry is fighting back against the recent spike in supply-chain attacks targeting shared library platforms like NPM, PyPI, etc.: GitHub tightens npm security with mandatory 2FA, access tokens — www.bleepingcomputer.com/…
- 🇺🇸 Details are of course sparse, but there appears to finally be a resolution to the TikTok question in sight: US Strikes TikTok Deal to Keep User Data on American Soil — cyberinsider.com/…
- Note there is no confirmation from China yet, so this may be wish-casting
- Appears the algorithm will stay under Chinese control, why else would Oracle need to ‘oversee’ it?
- Might meet the letter of the Protecting Americans from Foreign Adversary‑Controlled Applications Act, but it definitely seems to violate the law’s intent!
- 🇪🇺 European users get a reprieve on Windows 10 end-of-support: Microsoft will offer free Windows 10 extended security updates in Europe — www.bleepingcomputer.com/…
Deep Dive — Apple’s New OSes Offer More than Just Liquid Glass!
Apple didn’t just add a new UI and some nice new features with this year’s round of OS updates, they also added some nice security enhancements to their ecosystem.
New Parental Controls
Earlier in the year Apple released a white paper outlining their updated approach to child safety, and those new features have now been delivered. If you have a family, this is probably the most significant update, and the changes apply across Apple’s ecosystem.
The highlights are:
- More fine-grained age ranges for ratings
- A new privacy-protecting age-range-indication API for developers to restrict parts or aspects of their apps as appropriate, or to add age-aware content filtering.
- More detailed rules for developers, and new content-related labels in the apps store
- Tweaks to the controls parents have over their kids’ communications
Links
- A nice overview — appleinsider.com/…
- Apple’s Press Release — www.apple.com/…
FileVault Enhancement in macOS Tahoe
One of the biggest risks with full-disk encryption is losing all your data because you forget your password. This is why FileVault has always offered recovery keys, but the options for storing those keys were not great. You could either print your own key and keep it somewhere safe, or you could have Apple keep it for you. The option to have Apple hold the key was added before Apple added full end-to-end encryption for sensitive data in iCloud, so it was not protected in the same way as your health data or the passwords in your iCloud Keychain. Instead it was protected like your files in iCloud, meaning Apple had it to hand over to law enforcement on request, or to lose should they ever get hacked.
That piece of technical debt has now been paid down, with your recovery key being secured in your iCloud KeyChain with full end-to-end encryption, just like all your other passwords.
Links
Improved eSIM Protections
SIM-jacking is a really popular attack these days, and Apple have raised the bar for transferring an eSIM away from an iPhone by adding a step that requires biometric authentication. There is no password fallback!
Links
Improved Privacy Protections in Safari
It’s normal for browser makers to test privacy-protection features in their private browsing modes before later rolling them out universally. That’s what Apple did with its most recent AI-based privacy protections. In previous versions they were only enabled in private windows and tabs; now they’re always on.
The features use machine learning to better detect trackers of all kinds and block them. Like all tracking protections, and indeed like everything AI, the protections are not perfect, but they will nonetheless boost the privacy of Safari users.
Links
❗ Action Alerts
- Apple patched older OSes as well as releasing brand new ones:
- ⚠️ Chrome Users: Google patches sixth Chrome zero-day exploited in attacks this year — www.bleepingcomputer.com/…
- ⚠️ OnePlus Phone Owners: Unpatched flaw in OnePlus phones lets rogue apps text messages — www.bleepingcomputer.com/… (Popular in EU, not sure about US?)
Worthy Warnings
- A timely reminder that AI in general, and agentic AI in particular, are still in their dangerous early phase (like early IoT), and not yet safe for general use: ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent — thehackernews.com/…
- LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer — thehackernews.com/… (Not LastPass’s vault, but just a reminder they are nowhere near the best password manager, maybe change if still using!)
- A good reminder that Steam’s games store is just another app store: Verified Steam game steals streamer’s cancer treatment donations — www.bleepingcomputer.com/…
- Steam might be game-focused, but games are just apps, and can carry just as much dangerous malware as any other app
- Unlike the more traditional app stores, Steam don’t quite seem to have refined their malware-fighting tools as well as they could just yet, probably because they were mostly ignored by cyber criminals until relatively recently
- The practical advice is to avoid new games with low download numbers
- ⚠️ LinkedIn Users: LinkedIn to Train AI With Two Decades of User Data, Opt Out Now — cyberinsider.com/… (Since this is all public data on the web I’m not sure this is a big deal, and I’d rather assumed since it’s on the web it would be in all the models already anyway, but if you want to assert some limited control, you can 🙂)
Notable News
- New reporting reveals cybercriminals are now using backpack-sized portable fake cellphone towers to inject SMS messages directly into people’s phones, completely bypassing the cell carriers and all their recently boosted protections — www.macobserver.com/…
- Remain utterly skeptical of all content in all SMS messages, no matter who they claim to be from!
- Wide-spread in the UK, and on the rise in the US 🙁
- For those interested in a safe, secure, and private non-US VPN: Proton VPN Publishes Results of Latest Independent No-Logs Audit — cyberinsider.com/…
Proton VPN has successfully passed its fourth annual no-logs audit, confirming that it does not collect or store user activity data or metadata on its VPN infrastructure.
Top Tips
- From Bart: I regularly recommend the Have I Been Pwned API, but Allison often pushes back that it’s not easy for mere mortals. Well, it just got a little easier with the release of their first video demo (more to come!): HIBP Demo: Querying the API, and the Free Test Key! — www.troyhunt.com/…
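The two ways most people query HIBP, as an added Python example (not from the newsletter, and not Troy Hunt’s demo code): the k-anonymity range lookup of the Pwned Passwords API, where only the first five characters of a SHA-1 hash ever leave your machine, and the request shape for the keyed v3 breached-account lookup. The endpoint URLs are HIBP’s documented ones; the range response body and its counts are constructed, and the API key is a placeholder.

```python
import hashlib
from urllib.parse import quote

# Documented HIBP endpoints (not taken from the newsletter).
PWNED_PASSWORDS_RANGE_URL = "https://api.pwnedpasswords.com/range/"
BREACHED_ACCOUNT_URL = "https://haveibeenpwned.com/api/v3/breachedaccount/"

# Constructed sample of a range response body ('SUFFIX:COUNT' per line); the counts are made up.
SAMPLE_RANGE_RESPONSE = (
    "1E4C9B93F3F0682250B6CF8331B7EE68FD8:12345\n"
    "1E4C9B93F3F0682250B6CF8331B7EE68FFF:1\n"
    "00D4F6E8FA6EECAD2A3AA415EEC418D38EC:2\n"
)

def sha1_prefix_suffix(password: str) -> tuple[str, str]:
    """Uppercase SHA-1 hex of the password, split into the 5-char prefix that is
    sent to HIBP and the 35-char suffix that never leaves the client (k-anonymity)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def range_request_url(password: str) -> str:
    """Only the hash prefix goes on the wire, so the service cannot learn the password."""
    prefix, _ = sha1_prefix_suffix(password)
    return PWNED_PASSWORDS_RANGE_URL + prefix

def breach_count(password: str, response_body: str) -> int:
    """Match the local suffix against the returned 'SUFFIX:COUNT' lines; 0 means not seen in a breach."""
    _, suffix = sha1_prefix_suffix(password)
    for line in response_body.splitlines():
        line = line.strip()
        if ":" not in line:
            continue
        candidate, count = line.split(":", 1)
        if candidate.upper() == suffix:
            return int(count)
    return 0

def breached_account_request(account: str, api_key: str, user_agent: str) -> tuple[str, dict]:
    """URL and headers for the authenticated v3 breached-account lookup (the call needs the
    'hibp-api-key' and a 'user-agent' header; a 404 status means the account was not found)."""
    url = f"{BREACHED_ACCOUNT_URL}{quote(account, safe='')}?truncateResponse=false"
    return url, {"hibp-api-key": api_key, "user-agent": user_agent}

if __name__ == "__main__":
    print(range_request_url("password"))                    # https://api.pwnedpasswords.com/range/5BAA6
    print(breach_count("password", SAMPLE_RANGE_RESPONSE))  # 12345 (constructed count)
    print(breached_account_request("user@example.com", "<YOUR-HIBP-API-KEY>", "ExampleChecker/1.0"))
```

Fetch the range URL with any HTTP client and pass the body to `breach_count`; a non-zero count means the password has appeared in a known breach and should be changed.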
Interesting Insights
- From Allison: OpenAI admits AI hallucinations are mathematically inevitable, not just engineering flaws — www.computerworld.com/…
OpenAI, the creator of ChatGPT, acknowledged in its own research that large language models will always produce hallucinations due to fundamental mathematical constraints that cannot be solved through better engineering, marking a significant admission from one of the AI industry’s leading companies.
…
The researchers demonstrated their findings using state-of-the-art models, including those from OpenAI’s competitors. When asked “How many Ds are in DEEPSEEK?” the DeepSeek-V3 model with 600 billion parameters “returned ‘2’ or ‘3’ in ten independent trials” while Meta AI and Claude 3.7 Sonnet performed similarly, “including answers as large as ‘6’ and ‘7.’”
…
OpenAI’s own advanced reasoning models actually hallucinated more frequently than simpler systems. The company’s o1 reasoning model “hallucinated 16 percent of the time” when summarizing public information, while newer models o3 and o4-mini “hallucinated 33 percent and 48 percent of the time, respectively.”
…
“Unlike human intelligence, it lacks the humility to acknowledge uncertainty,” said Neil Shah, VP for research and partner at Counterpoint Technologies. “When unsure, it doesn’t defer to deeper research or human oversight; instead, it often presents estimates as facts.”
- From Bart: 🎧 An excellent discussion of the effect AI is having on cybersecurity: Big Technology Podcast: Is Generative AI a Cybersecurity Disaster Waiting to Happen? (With Yinon Costica) — overcast.fm/…
Legend
When the textual description of a link is part of the link, it is the title of the page being linked to, when the text describing a link is not part of the link, it is a description written by Bart.
| Emoji | Meaning |
|---|---|
| 🎧 | A link to audio content, probably a podcast. |
| ❗ | A call to action. |
| flag | The story is particularly relevant to people living in a specific country, or, the organisation the story is about is affiliated with the government of a specific country. |
| 📊 | A link to graphical content, probably a chart, graph, or diagram. |
| 🧯 | A story that has been over-hyped in the media, or, “no need to light your hair on fire” 🙂 |
| 💵 | A link to an article behind a paywall. |
| 📌 | A pinned story, i.e. one to keep an eye on that’s likely to develop into something significant in the future. |
| 🎩 | A tip of the hat to thank a member of the community for bringing the story to our attention. |
| 🎦 | A link to video content. |
