An AirPlay flaw dubbed “AirBorne” exposes millions of Apple and third-party devices to malware, data theft, and eavesdropping risks.
What happened
A newly disclosed vulnerability in Apple’s AirPlay feature, dubbed ‘AirBorne’, has raised concerns among cybersecurity experts. Researchers at Oligo Security discovered 23 vulnerabilities affecting AirPlay, two of which could allow hackers to deploy malware, steal data, or eavesdrop on users’ private conversations. The threat affects iPhones, iPads, Macs, and a wide range of third-party devices connected via AirPlay.
Apple has patched the flaw in its March 2025 iOS 18.4.1 update, but many third-party devices remain exposed due to slower update rollouts.
Going deeper
AirPlay is widely used for streaming media wirelessly between Apple devices and AirPlay-compatible hardware, such as smart TVs and Bluetooth speakers. However, the AirBorne flaw turns this convenience into a liability, especially on public or unsecured Wi-Fi networks like those in airports or cafés. Attackers can use the vulnerability to execute malicious code, steal sensitive information, and interfere with device functionality.
While Apple has moved quickly to release fixes, third-party manufacturers often lag behind, leaving users of devices like set-top boxes and speakers particularly vulnerable. Experts say these unpatched endpoints could be exploited as entry points, even if Apple devices are secure.
What was said
Patrick Wardle, a prominent cybersecurity researcher, noted that the lack of timely updates from non-Apple manufacturers poses a serious risk to Apple’s trusted ecosystem: “AirPlay’s integration with third-party devices makes it harder to maintain a secure perimeter. Users assume all devices in the Apple ecosystem are equally protected—but that’s not always true.”
Researchers stated the risk of idle or rarely used devices becoming attack vectors without users even realizing it.
The big picture
The “AirBorne” flaw is a reminder that even the most trusted tech ecosystems are only as secure as their weakest link. As we surround ourselves with smart TVs, speakers, and other connected devices, the lines between convenience and vulnerability blur. Apple may move fast on patches, but if the third-party devices we trust in our homes lag behind, we’re still exposed.
FAQs
What is AirPlay, and why is it widely used?
AirPlay is Apple’s wireless streaming feature that lets users share audio, video, and screen content between Apple and compatible third-party devices.
How can users check if their devices are vulnerable?
Users should verify they are running iOS 18.4.1 or the latest macOS update; third-party device firmware must be checked with the manufacturer.
Are third-party AirPlay devices automatically updated?
No, many third-party devices require manual firmware updates or may not receive security patches at all.
Can disabling AirPlay improve device security?
Yes, turning off AirPlay, especially on public or shared networks, reduces the attack surface.
What should users ask manufacturers about device security?
Users should inquire about update frequency, patch delivery timelines, and any current mitigation steps related to the AirPlay protocol.
Farah Amod
