Technology
- Home
- Technology
- News
AirPlay security flaws could help hackers spread malware on your network
Cybersecurity firm Oligo has detailed a set of vulnerabilities its researchers found in Apple’s AirPlay protocol and software development kit that could serve as a point of entry to infect other devices on your network, Wired reports. Oligo’s researchers refe…

Published 23 days ago on May 3rd 2025, 5:00 am
By Web Desk

Cybersecurity firm Oligo has detailed a set of vulnerabilities its researchers found in Apple’s AirPlay protocol and software development kit that could serve as a point of entry to infect other devices on your network, Wired reports.
Oligo’s researchers refer to the vulnerabilities and attacks they enable as “AirBorne.” According to Oligo, two of the bugs it found are “wormable” and could let attackers take over an AirPlay device and spread malware throughout “any local network the infected device connects to.” That said, they would need to already be on the same network as the device to carry out the attack.
Other possible outcomes of an attack include hackers remotely executing code on your devices (also called an RCE attack), accessing local files and sensitive information, and carrying out denial-of-service attacks, Oligo says. It adds that an attacker could also show images on something like a smart speaker’s display — as demonstrated with an AirPlay-enabled Bose speaker in the video below — or tap into the speaker’s microphone to listen to nearby conversations.
[Media: https://www.youtube.com/watch?v=vcs5G4JWab8]
Apple has already patched the bugs, but there are still risks via non-Apple-made AirPlay devices. And while there’s a relatively low chance of a hacker being on your home network, Wired points out that AirBorne attacks could also happen if you connect to a public network with an device that uses AirPlay — like a MacBook or an iPhone — that isn’t updated with the latest Apple software.
The risks extend to CarPlay devices, too. Oligo found that attackers “could execute an RCE attack” via CarPlay under certain conditions, like connecting to a car’s Wi-Fi hotspot that’s still using a “default, predictable or known wifi hotspot password.” Once they’re in, hackers could do things like show images on the car’s infotainment system or track the car’s location, according to Oligo.
As Oligo points out, there are tens of millions of third-party AirPlay devices, including things like standalone speakers, home theater systems, TVs. The firm also notes that CarPlay “is widely-used and available in over 800 vehicle models.” According to Wired, Apple created patches for affected third-party devices” as well, but a cybersecurity expert tells the outlet that Apple doesn’t directly control the patching process of third-party devices.
Apple didn’t immediately respond to The Verge’s request for comment.

Second group of Bangladesh also arrives in Lahore for T20 series against Pakistan
- an hour ago

Who wins the conference finals? Expert picks for Hurricanes-Panthers, Stars-Oilers
- 4 hours ago

European country Malta announces to recognize Palestine
- an hour ago

Hot, dry weather likely today
- an hour ago

Indy 500 rookie Shwartzman wins pole in shocker
- 4 hours ago

Sources: CFP moving to straight seeding model
- 4 hours ago

Hasina-era officials face crimes against humanity trial in Bangladesh
- 13 hours ago

“Baby Botox” and the psychology of cosmetic procedures
- 3 hours ago

Conn Smythe Watch: Who's leading for MVP of the Stanley Cup playoffs?
- 4 hours ago

Lahore Qalandars defeat Quetta Gladiators to win PSL for third time
- 2 hours ago

Guardians' Lively to have Tommy John surgery
- 4 hours ago

Unanimous choice Castle heads All-Rookie team
- 4 hours ago
You May Like
Trending