Apple’s AirPlay was designed to make life easier, letting users stream music, photos, and videos from iPhones and MacBooks to TVs, speakers, and other compatible devices with just a tap. But now, cybersecurity researchers have revealed that this same convenience may be opening the door to hackers. A new set of vulnerabilities, collectively called AirBorne, could turn AirPlay-enabled gadgets into stealthy entry points for malware and network infiltration.
What you need to know
Researchers at Tel Aviv-based cybersecurity firm Oligo recently disclosed AirBorne, a group of security flaws in Apple’s proprietary AirPlay protocol. These bugs exist primarily in the AirPlay software development kit (SDK) used by third-party manufacturers to bring AirPlay support to smart TVs, speakers, and other media devices. The security flaws mean if a hacker is on the same Wi-Fi network as a vulnerable device, they can hijack it without ever touching the device.
From there, attackers could move laterally within a home or corporate network, silently hopping from one device to another. They might install malware or ransomware, disrupt operations, or even lock users out of their own systems. In some cases, compromised devices could be added to a botnet, a network of hijacked machines working in unison for larger attacks. And because many smart gadgets come equipped with microphones, hackers could even turn them into tools for eavesdropping and surveillance.
200 MILLION SOCIAL MEDIA RECORDS LEAKED IN MAJOR X DATA BREACH
What is Apple doing about the AirBorne bugs?
Apple has already patched the AirBorne bugs on its own devices and issued updates to third-party vendors. However, researchers warn that many third-party AirPlay-enabled products, possibly tens of millions, may never receive a fix either because they do not auto-update or because vendors are slow or unwilling to release security patches.
A striking demonstration by Oligo showed how easily a Bose speaker was taken over to display the firm’s logo, proving how simple it could be for a hacker to silently gain control. Though Bose was not specifically targeted, the example highlights the broader risk. Any unpatched device using AirPlay SDK could be a gateway for malicious actors.
The researchers also discovered that Apple CarPlay is affected. While exploiting it would be harder and would require Bluetooth or USB pairing, more than 800 car and truck models are potentially vulnerable.
HERTZ DATA BREACH EXPOSES CUSTOMER INFORMATION
How to update your iPhone’s software
- Go to Settings
- Tap General
- Click Software Update
- Download and install the latest update.
- Your iPhone will restart once the update is complete.
HOW TO UPDATE ALL OF YOUR DEVICES AND KEEP THEM SAFE
5 ways to protect yourself from AirPlay hackers
1) Set up a separate Wi-Fi network for smart devices: Most modern routers allow you to create multiple networks. Use this feature to keep your smart home devices such as AirPlay-enabled speakers, TVs, or receivers on a dedicated “IoT” (Internet of Things) network. Keep this separate from your main devices like phones, laptops, and work computers. This segmentation ensures that even if a hacker gains access to a vulnerable smart device, they cannot easily reach more critical or sensitive devices on the primary network.
Watch the latest episode of The CyberGuy Report.
Missed this event? Sign up via the registration form and see our live recording.
See Kurt’s Prime Day picks for useful gadgets, practical upgrades and everyday tech while the deals last.
2) Disable AirPlay when not actively using it: AirPlay is designed to always be on and discoverable, which makes it convenient but also leaves it exposed. If you rarely use AirPlay or only use it occasionally, go into your device settings and turn it off completely. On Apple devices, AirPlay settings can be found under “General” or “AirPlay & Handoff.” For third-party devices, check their companion apps or manuals. Turning off AirPlay removes it as an open door for attackers.
3) Avoid using AirPlay on public or unsecured Wi-Fi and use a VPN: One of the key conditions for exploiting AirBorne vulnerabilities is that the attacker must be on the same Wi-Fi network as the target device. This makes public Wi-Fi networks in places like cafes, airports, hotels, or shared workspaces particularly risky. If you need to use your device in such environments, avoid casting, streaming, or pairing with smart devices.
Consider using a VPN to protect against hackers snooping on your device as well. VPNs will protect you from those who want to track and identify your potential location and the websites that you visit. A reliable VPN is essential for protecting your online privacy and ensuring a secure, high-speed connection. Based on extensive testing, here are our top recommendations:
ExpressVPN is the go-to choice for those who prioritize ultra-fast speeds, reliability, and top-tier security. With servers in 105 countries, ExpressVPN delivers blazing-fast performance for streaming, gaming, and secure browsing. It supports P2P file sharing, offers best-in-class encryption, and maintains a strict no-logs policy—with all servers running on RAM for enhanced privacy. You can connect up to 10 devices simultaneously, and setup takes under 2 minutes. Plus, with 24/7 live customer support and a 30-day money-back guarantee, ExpressVPN is a premium choice for security-focused users who want speed without compromise.
CyberGuy Exclusive ExpressVPN Deals:
✅ Save 75% – Get 3 months FREE with 12-month plan for $3.99/month. Try 30 days risk-free.
✅ Save 84% – Get 4 months FREE with 24-month plan for $2.49/month. Try 30 days risk-free.
Surfshark – Best for Unlimited Devices & Budget-Friendly Security
If you're looking for a more affordable VPN without sacrificing security, Surfshark is an excellent choice. Surfshark operates under a strict no-logs policy and offers top-notch encryption to keep your data safe. However, Surfshark stands out by allowing unlimited devices on a single account - making it perfect for families, small businesses, or users with multiple gadgets. If you're looking for a more affordable VPN without sacrificing security, Surfshark is an excellent choice. Surfshark operates under a strict no-logs policy and offers top-notch encryption to keep your data safe. It now runs on upgraded 100 Gbps servers, delivering faster speeds, smoother streaming, and greater reliability even during peak hours. The upgrade also makes Surfshark more future-proof with improved stability, scalability, and load balancing for growing bandwidth demands.
Surfshark stands out by allowing unlimited devices on a single account—making it perfect for families, small businesses, or users with multiple gadgets. It also includes features like MultiHop (double VPN) and Camouflage Mode to bypass VPN restrictions in censored regions. With a budget-friendly price and feature-rich security, Surfshark is ideal for those who want privacy on a budget.
CyberGuy Exclusive Surfshark Deals:
✅ Save 81% – Get 3 extra months FREE with 12-month plan for $2.98/month. Try 30 days risk-free.
✅ Save 88%/b> – Get 3 extra months FREE with 24-month plan for $1.78/month. Try 30 days risk-free.
For best VPN software, see my expert review of the best VPNs for browsing the web privately on your Windows, Mac, Android & iOS devices
4) Strengthen and secure your home Wi-Fi network: Make it more difficult for attackers to gain access to your home network. Use a strong, unique password for your Wi-Fi that is different from your other account credentials. Ensure that your router firmware is updated and that encryption is set to WPA2 or WPA3. Avoid older and less secure options like WEP or open networks. Turn off features like WPS, which are designed for easy setup but can also make your network more vulnerable. If possible, disable universal plug and play (UPnP) and similar features that make all devices on your network easily discoverable. Also, consider using a password manager to generate and store complex passwords.
- Unlimited password storage
- Secure sharing
- Password health reports
- Auto-fill and emergency access
- Data breach monitoring to alert you if your credentials have been exposed
- A Security Dashboard with tools like the Data Breach Scanner and Password Health Checker to identify weak, reused, or compromised passwords
CyberGuy Exclusive Deal: Save 52% now with CyberGuy’s exclusive NordPass offer – Get 1 extra month FREE with a 2-year plan. Try 30 days risk-free for only $1.43 per month!
5) Limit device permissions and exposure: Smart devices with AirPlay support often include features like microphones, auto-pairing, and remote access. Review each device’s settings and disable any features you do not actively use. For example, if your smart speaker has a microphone but you never use voice commands, turn off the microphone or cover it. The fewer functions a device has exposed, the fewer opportunities a hacker has to exploit it. If your router supports it, use device-level firewall rules to limit which services or internet connections your smart gadgets can access.
Kurt’s key takeaway
Apple likes to market itself as the go-to for privacy and security, but the AirBorne vulnerabilities show that the company’s devices are far from bulletproof. While they patched their own products, millions of third-party AirPlay devices are still wide open to attack. It’s becoming clear that Apple’s control over its ecosystem isn’t as tight as they’d like you to believe. If they really want to be the privacy leader, they need to step up and fix these issues across the board, not just when it suits them.
Do you trust Apple’s claims about privacy and security after reading this article? Let us know in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
Copyright 2025 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.
🎙 Now Streaming: My New Podcast: The CyberGuy Report
Kurt’s Top Deals
Deals move fast and inventory can be limited, so don’t wait too long.
| 🔥 Editor’s pick  Summer entertaining Ninja SLUSHi Machine (26% off) Frozen drinks and slushies at home in minutes. | |
| 💰 Top deal  Outdoor essential TYPEC Solar Bug Zapper (36% off) Solar-powered bug zappers for patios and camping. |
2 comments
Could I use 2 VPN connections on my iPhone?
Will they work against each other?
Hi Adam, while you can install multiple VPN apps on your iPhone, only one VPN connection can be active at a time. iOS does not support running two VPNs simultaneously, and attempting to do so will cause one to override or disconnect the other. In most cases, the VPNs may conflict with each other if both try to control the connection or establish always-on protection. For most users, it’s best to choose one reliable VPN and ensure it’s active when needed.