Oligo: AirPlay Flaws Enable Espionage, Ransomware

Cybersecurity firm Oligo uncovered 23 critical 'AirBorne' vulnerabilities in Apple's AirPlay protocol and SDK, exposing millions of Apple and third-party devices to zero-click remote code execution, malware, eavesdropping, ransomware, and espionage. Apple has issued patches for iOS, iPadOS, macOS, tvOS, and visionOS, but many third-party AirPlay-enabled products such as smart TVs, speakers, and car systems remain unpatched. Attackers on the same Wi-Fi network can exploit these flaws, with the risk heightened in public networks and scenarios where compromised devices later connect to office environments. Many older or unsupported devices may remain permanently vulnerable. Experts warn that the widespread use of AirPlay means these security risks could persist for years. Users are urged to update Apple devices immediately and avoid using unpatched AirPlay devices on public Wi-Fi.