In a blog post shared by ZDNet, security researcher Vishal Bharad claims that he found a bug that would have allowed a hacker to inject a virus or malicious script onto Apple's iCloud website.
According to Bharad, the vulnerability consisted of creating a Pages or Keynote document on the iCloud website with the name field containing the XSS payload. Sharing the document with another user, creating a change, saving, and then clicking "Browse All Versions" under Settings would have triggered the XSS payload.
Given the vulnerability revolved around the iCloud website, it's not linked to a recent software update and has reportedly been patched by Apple server-side. Bharad says he submitted the issue to Apple on August 7, 2020, and received a $5,000 bounty on October 9, 2020. We've reached out to Apple for comment and we'll update if we hear back.
Wednesday April 8, 2026 7:17 pm PDT by Joe Rossignol
Apple has released a minor iOS 26.4.1 update for the iPhone 11 and newer. While the release notes for the update only mention unspecified "bug fixes," we have since learned about two specific changes that are included in it.
First, 9to5Mac spotted an Apple Developer Forums thread suggesting that iOS 26.4.1 fixes an iOS 26.4 bug that affected iCloud syncing in some apps.
Second, an...
Saturday April 18, 2026 6:45 am PDT by Joe Rossignol
During its Platforms State of the Union segment at WWDC 2025, Apple revealed that macOS 26 Tahoe is the final major macOS version for Intel-based Macs.
The upcoming macOS 27 release will be compatible with Apple silicon Macs only, meaning that you will need a Mac with an M-series chip or a MacBook Neo with an A18 Pro chip in order to install the software update. macOS 27 should be available...
A source said to be familiar with Apple's supply chain today revealed the color options Apple is planning for the iPhone 18 Pro, iPhone 18 Pro Max, and the upcoming foldable iPhone.
Image via Macworld.
The information comes from Macworld, which says the signature new color for this year's Pro models will be Dark Cherry, a deep wine-like red. While other sources had previously reported on a...
