Warning

Some of the Mac apps known to be affected by the Sparkle vulnerability

A vulnerability discovered in an outdated version of the Sparkle updater framework that many third-party OS X apps depend on for serving the user with regular updates has been getting a lot of attention recently.

As we reported on Tuesday, the security problem affects a number of third-party Mac apps downloaded from the internet, and not apps downloaded from the Mac App Store. The vulnerability roots from the lack of an encrypted connection and gives a malicious hacker the ability to perform a man-in-the-middle attack.

But what OS X apps are affected? This is the information you need to know as soon as possible to keep your Mac safe from potential malware threats.

What you need to know about the Sparkle vulnerability affecting some OS X apps

A new vulnerability has been discovered to affect a wide variety of third-party apps for OS X that have been downloaded from the internet and use an outdated version of the Sparkle updater framework.

The new vulnerability puts a number of users of affected third-party apps at risk of being hijacked when those apps attempt to use the outdated framework to alert users of new app updates.

Jailbreakers should stay away from iOS 9.1

Apple released iOS 9.1 earlier today with multiple security improvements, including fixes for several exploits used by Pangu Team in their recent Pangu jailbreak for iOS 9. With that said, jailbreakers running iOS 9.0.2 should stay away from the latest iOS 9.1 release if they wish to keep their jailbreaks, or at least preserve the ability to do so.

Security firm warns of new iMessage spam campaign

iPhones users—particularly those in larger US cities—may want to start keeping an eye out for odd iMessages. According to security firm Cloudmark, there has been a dramatic uptick in recent months of spam directed at Apple’s iOS messaging system.

Cloudmark says that the new spam campaign, which appears to be peddling counterfeit goods, accounted for 34% of US-based SMS spam during the past two months. Activity seemed to be particularly high in New York City, L.A., San Diego and Miami…

Watchout for Unflod, a malware targeting jailbroken devices

We often praise iOS as a very secure platform, and this is mostly true, as many studies have confirmed over the years. But sometimes, it’s not so much the platform that is responsible for the lack of security, it is the user himself.

The perfect illustration of this is when you jailbreak your device. By gaining root access to your iPhone or iPad, you start walking outside of Apple’s walled garden and actually put yourself at risk of having untrusted files installed on your device without your knowledge.

As a jailbreaker myself, I am very well aware of the risks, but I do not mind them because the benefits usually far outweigh the drawbacks, and I assume most jailbreak users feel the same.

This being said, a new malware called Unflod has been targeting jailbroken devices for a few weeks. While there is still a lot we don’t know about Unflod, the little information we have about it is enough to raise concerns…

Jailbreakers should stay away from iOS 7.1

We’ve mentioned it several times before, but looking at the amount of emails we’ve received about this matter, it is worth reiterating that anyone with a jailbroken device should stay away from the newly released iOS 7.1. If you update to iOS 7.1, you will lose your jailbreak. At this time, there is no indication that evasi0n7 will be updated for iOS 7.1, quite the opposite.

Obviously, if you do not care about your jailbreak, you are free to update to iOS 7.1. If you choose to do so, you will have to plug your iPhone in iTunes as evasi0n7 disables OTA updates by default.

You’ve been warned. Now it’s your responsibility to make the decision: is iOS 7.1 worth losing your jailbreak? You tell me.

How to get ready for tomorrow’s iOS 7 release

Last week, Apple announced that it would be releasing the latest version of its mobile operating system on Wednesday, September 18th. That’s tomorrow. And honestly, we couldn’t be more excited.

This will be the largest update to the platform since it was first introduced in 2007, bringing about an all-new design and several new features like Control Center, AirDrop sharing and iTunes Radio.

Of course, Apple has been seeding betas of iOS 7 to developers since June, but this is the first time it will be open to the public. So we thought we’d put this list together of things to help you get ready…

Make sure to stay away from these fake unlock and jailbreak sites

Perhaps one of the biggest problems in the jailbreak community today, apart from piracy, is the growing amount of scammers. These are sites or services that promise to provide users with jailbreak and unlock solutions, in return for money or other malicious intent.

And what’s worse is, often times these services are very misleading, claiming to do things such as “jailbreak iOS 6.1.4” or “downgrade from iOS 6 to iOS 5″—which we all know aren’t possible yet. So we’re highlighting some of these sites in order to warn users to avoid them…

Warning: new phishing scam exploits Dev Center outage

As most of you know, Apple’s Developer Center has been offline for going on 7 days now. The company posted an update to the situation yesterday, outlining when services will be available, but it’s still not clear when the portal will be fully functional again.

The breadth of the outage is far-reaching—Apple has hundreds of thousands of app developers worldwide. So it’s no surprise that some not-so-nice people have decided to exploit the situation by sending out malicious emails, pretending to be the company…

Apple adds ‘in-app purchase’ warning to freemium apps

Apple today has added a new ‘Offers In-App Purchases’ warning in the description of App Store apps that utilize the feature. The new disclosure can be seen in the App Store, located just beneath the Buy/Free button of pertinent applications.

The move comes amidst multiple reports of children running up monster iTunes bills, unbeknownst to their parents, via in-app purchases. Earlier this month, a young boy from the UK racked up $1,300 in charges buying virtual donuts…

Apple TV software updated to kill evasi0n jailbreak

In addition to this morning’s release of iOS 6.1.3, Apple has also seeded a new version of its Apple TV software. The update brings the firmware to version 5.2.1, and it includes a number of bug fixes as well as support for the new Hulu Plus app.

Unfortunately, as with iOS 6.1.3, the bug fixes are actually patches for the exploits used in the latest evasi0n jailbreak. So if your Apple TV is jailbroken, or you would like it to be in the future, you’ll want to be sure to stay away from this update…

Apple updates Knowledge Base article on jailbreaking

It’s pretty obvious that Apple doesn’t want people jailbreaking its devices. While the company isn’t going out and suing hackers like ahem, Sony did, it’s not exactly making it any easier for them to open up its mobile OS either.

And the company’s disdain for the process is especially evident in its Knowledge Base article on jailbreaking, which points out that unauthorized modification of iOS can cause instability and other major device issues…