Your iPhone may have been wide open to attack — and it had nothing to do with sketchy links or dodgy apps. Cybersecurity researchers have uncovered 23 vulnerabilities in AirPlay, Apple’s wireless streaming feature, that could let hackers infiltrate your device just by being on the same Wi-Fi network. While Apple has rolled out updates to fix the flaws, the bigger problem is that many third-party AirPlay-enabled devices might stay vulnerable for years.
Hackers exploiting Wi-Fi to hack iPhones
The discovery comes from Oligo Security, who’ve named the attack ‘Airborne’ — because that’s how easily it spreads. Two of the bugs were serious enough to let attackers turn iPhones into launchpads for malware that can jump to other devices on the same local network. So yeah, even your friend's infected smart speaker could become a trojan horse.
Oligo says the attack lets cybercriminals crash your phone, steal personal data, and even eavesdrop on you — all without you clicking a thing. And although Apple moved fast to patch the bugs on iPhones, iPads, Macs, and Vision Pro devices, not all is well. AirPlay is also baked into millions of third-party devices — TVs, speakers, and more — and most of them rely on their manufacturers to ship updates, which may never come.
Patched iPhones still at risk
Here’s the scary bit: even if your Apple gear is up to date, it doesn’t mean you’re totally safe. If any device on your Wi-Fi — say an old smart TV — hasn’t been patched, a hacker can compromise it and use it to reach other devices on the same network, including your iPhone. That means your device could get caught in the crossfire even if you’ve done everything right.
According to Oligo, the number of unpatched third-party AirPlay-enabled devices could be in the tens of millions. And if you’re using public Wi-Fi or haven’t updated your gear recently, your risk goes way up.
What you should do right now
If you haven’t already, update your Apple devices immediately — that’s step one. Step two: disable AirPlay if you’re not using it. Your phone constantly listens for AirPlay signals in the background, which increases its exposure to threats.
To turn it off, go to Settings > General > AirPlay & Continuity > Automatically AirPlay, and select “Never.” As for your non-Apple gear, check with the manufacturers to see if a patch is available — or consider ditching older devices that might never get one.
Because when it comes to Wi-Fi-based cyberattacks, the best flex is staying invisible.