&w=3840&q=100)
Using Apple's Mac device? Update it to latest macOS now: Check reason here
Spotlight on macOS
New Delhi
The Microsoft Threat Intelligence team uncovered a serious vulnerability in macOS that could have allowed attackers to steal personal data including files and caches linked to Apple Intelligence. The issue, dubbed 'Sploitlight', was found in how Spotlight, macOS's built-in search tool, handles certain plugins.
While Apple fixed the flaw in macOS Sequoia 15.4 back in March 2025, Microsoft is now detailing how dangerous the bug could have been, especially because it could potentially reveal sensitive AI-generated data and affect other devices linked to the same iCloud account.
What was the risk?
At the core of this flaw is TCC (Transparency, Consent, and Control), a system Apple uses to protect private data like your location, photos, downloads, and more. Apps normally need your explicit permission to access such data.
But Microsoft's researchers found a way to bypass these protections using Spotlight importers. These are essentially the plugins that help index files so they show up in searches. By tweaking how these plugins work, attackers could potentially access files without the user ever granting permission.
The exposed data could include:
Photo and video metadata, including face recognition tags
Geolocation data
Search history and app usage patterns
AI-generated summaries from Apple Intelligence
Private files in protected folders like Downloads
One of the most concerning aspects of this vulnerability is its link to Apple Intelligence, Apple's suite of AI-powered tools for tasks like summarising emails or organising photos. These tools cache data locally to function quickly and privately.
However, Microsoft discovered that those cached files could be accessed using this bug. That means attackers could potentially extract AI-generated content, including summaries of emails and notes, as well as data used in photo face recognition.
Making matters worse, attackers with access to one device could infer information about other Apple devices tied to the same iCloud account. For instance, even though photo databases differ across devices, metadata like face tags and shared content are synced. So, someone accessing a Mac could gain partial insight into what's on the user's iPhone or iPad without physically accessing them.
Has the vulnerability been addressed?
Microsoft said that it disclosed the vulnerability through its Coordinated Vulnerability Disclosure program. Apple addressed the issue – now tracked as CVE-2025-31199 – in an update released on March 31, 2025 – macOS Sequoia 15.4 version.
While the Microsoft blog said that the vulnerability was never seen in the wild, users are still requested to update their Mac devices to macOS Sequoia 15.4 or later.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time of India
an hour ago
- Time of India
Tim Cook's White House visit shows the true cost of tariffs
One of the most provocative items in my wardrobe is a plain dark T-shirt designed by a libertarian economist. In 10 lines across the front, it reads: 'Tariffs not only impose immense economic costs but also fail to achieve their primary policy aims and foster political dysfunction along the way.' In related news, Apple Chief Executive Tim Cook went to the White House last week to give President Donald Trump a large piece of gold. In exchange, Trump said that Apple would be exempt from a new 100% tariff the US is imposing on imported microchips. Officially, Apple gets the exemption because it committed to making a $100 billion investment in the US. Apple had already announced earlier this year a $500 billion investment program, which itself was a modest expansion of previous plans. Productivity Tool Zero to Hero in Microsoft Excel: Complete Excel guide By Metla Sudha Sekhar View Program Finance Introduction to Technical Analysis & Candlestick Theory By Dinesh Nagpal View Program Finance Financial Literacy i e Lets Crack the Billionaire Code By CA Rahul Gupta View Program Digital Marketing Digital Marketing Masterclass by Neil Patel By Neil Patel View Program Finance Technical Analysis Demystified- A Complete Guide to Trading By Kunal Patel View Program Productivity Tool Excel Essentials to Expert: Your Complete Guide By Study at home View Program Artificial Intelligence AI For Business Professionals Batch 2 By Ansh Mehra View Program No matter. To Trump, the important thing is announcing these pledges, not enforcing them. During his first term, there was an infamous vaporware investment from Foxconn in Wisconsin that never amounted to anything. The real benefit to the president is the sycophantic photo op, when the CEO smiles for the cameras and praises Trump's dealmaking prowess. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like This new air conditioner cools down a room in just seconds News of the Discovery Undo Bloomberg This is the political dysfunction described on my T-shirt. Live Events A flat tariff instituted for the purpose of raising revenue would, whatever its downsides, basically be just a peculiar form of tax. But tariffs are almost invariably marketed as having strategic or economic-development benefits. And that leads to exemptions. The chip tariffs are supposed to foster the growth of an electronics manufacturing industry in the US. But because chips are an input into other manufactured goods, the tariffs could easily backfire. So if you can convince the president that you are in fact making investments in manufacturing in the US, you can get an exemption from the tariffs. The problem here — and with the dozens of other exemptions and waivers baked into Trump's various tariff announcements — is that there is no objective criteria or process at work. Who gets exemptions, and who does not, is almost entirely up to the whims of Trump and his appointees. This in turn raises the question of whether his primary policy aim isn't just to maximize his own power and influence. Cook, for example, used to be a somewhat vocal advocate of LGBT rights. He's always been, first and foremost, a corporate executive. But he would occasionally take advantage of America's status as a free country to speak his mind about political issues. That could now be a risky business proposition, because the viability of Apple's business hinges on not just its ability to keep making products people want to buy, but its ability to secure tariff exemptions. Other tech executives, such as Jeff Bezos, have also erred on the side of reticence: While he wants his newspaper to support and defend personal liberties and free markets, the company he founded backed down from a plan to list explicit tariff surcharges after facing pressure from the White House. In a market economy with a functional democracy that protects free speech and enforces the rule of law, executives shouldn't have to worry that tax policy will swing wildly based on who pleases or angers the president. But in Trump's America, they do. Which brings us to the economic costs. A lot of attention has been paid to the impact of tariffs on prices, with Trump arguing implausibly that the entire incidence will fall on foreign producers and Democrats saying that consumers will pay the costs. The answer will almost certainly have political ramifications for next year's elections. In the long run, though, the American consumer can survive one-off price hikes, and the US economy can adjust to the distortions induced by tariffs. And yet. Think about not the Apple of today, but the Apple of almost 50 years ago, the Apple of Steve Jobs and Steve Wozniak. The Apple I computer was built in 1976 on a shoestring budget with commercially available parts. Wozniak recalled in a 1984 interview that Jobs had made a deal with a local computer retailer to buy 100 computers for $500 a piece wholesale — $50,000 in revenue. To build them, however, they needed $20,000 worth of components, which they got by securing 30 days of credit from an electronic parts dealer after a phone call to verify the existence of the purchase order. 'We delivered the computers,' Wozniak recalled, 'paid off the parts suppliers, and only had to borrow $5,000 from a friend.' This kind of minor-league transaction in what we now call Silicon Valley went unnoticed at the time and had no discernible impact on the national GDP. But it set in motion a chain of events that changed the world. And it illustrates the openness to entrepreneurs and innovators that is the foundation of America's world-beating economic dynamism. Trump's mashup of 'populist' and 'pro-business' policies is the antithesis of this system. Corporate titans are put to work providing propaganda wins for the White House, and in exchange are accorded favors unavailable to any startup. This approach won't move markets or show up in the quarterly economic data anytime soon, if at all. But it will have a cumulative effect. Week after week, announcement by announcement, Trump is bolstering his ego at the cost of America's long-term economic future.
Time of India
2 hours ago
- Time of India
Sam Altman on Elon Musk: All day he does is tweeting, 'how much OpenAI sucks, our model is bad and ...
OpenAI CEO Sam Altman has bluntly responded to recent attacks from Tesla CEO Elon Musk, saying he doesn't spend much time thinking about the xAI founder. Speaking in an interview with CNBC's Squawk Box, Altman dismissed Musk's repeated criticisms of OpenAI and its newly launched GPT-5 creator OpenAI recently unveiled its latest AI model GPT-5. The company claims that the latest AI model offer advancements in accuracy, speed, reasoning and math capabilities. However, after the launch of GPT-5, Microsoft CEO Satya Nadella announced full integration of GPT-5 across Microsoft ecosystem. Responding to Nadella's post, Tesla CEO Elon Musk said, 'OpenAI is going to eat Microsoft alive'. Sam Altman responds to Elon Musk's comment about GPT-5 During the CNBC interview, Andrew Ross Sorkin asked Altman his views on Musk's comment that 'OpenAI is going to eat Microsoft alive'. 'You knew I'd asked the question. I think you knew I'd asked the question. You probably saw Elon yesterday. He said, quote, OpenAI will eat Microsoft alive, and then Satya responding to that. What do you think when you read that?' asked Sorkin. Replying to the question Altman said, 'You know, I don't think about him that much.' Sorkin then said, 'I'm not sure what he means except to say that he thinks in the grand scheme of the partnership, that, ultimately, you'll have more power and more influence and more leverage over them than they'll have over you.' by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like The Secret Lives of the Romanovs — the Last Rulers of Imperial Russia! Learn More Undo To this Altman said that Elon Musk is someone who was just tweeting all day about how much OpenAI sucks, and our model is bad, and, you know, not going to be a good company and all that. 'I thought he was most -- I mean, I -- someone was -- I thought he was just like tweeting all day about how much like OpenAI sucks and our model is bad and, you know, not being a good company and all of that. So, I don't know how you square those two things,' said Altman. The remarks come amid escalating tensions between the two former collaborators, who co-founded OpenAI in 2015 before parting ways over disagreements about the company's direction. Musk has since launched his own AI venture, xAI, and recently claimed that OpenAI would 'eat Microsoft alive' following the tech giant's integration of GPT-5 across its platforms. GPT-5 launched, free for all OpenAI says that GPT-5 is the company's 'best model yet for coding and agentic tasks.' The model comes in three sizes — gpt-5, gpt-5-mini, and gpt-5-nano — for developers to balance performance, cost, and speed. In the API, GPT-5 is the reasoning model that powers ChatGPT 's top performance. A separate non-reasoning version, called gpt-5-chat-latest, will also be available. Sam Altman said GPT-5 is a major leap from GPT-4 and a 'pretty significant step' toward Artificial General Intelligence (AGI). 'GPT-5 is really the first time that I think one of our mainline models has felt like you can ask a legitimate expert, like a PhD-level expert, anything... We wanted to make it available in our free tier for the first time,' he said.
India Today
2 hours ago
- India Today
Last-minute Pixel 10 leak says no SIM tray, launch in 10 days at Made by Google event
Rumours are swirling once again in Pixel land, and this time they could spell a rather big change for Google's upcoming flagship series. The Pixel 10 family, expected sometime next year, might just wave goodbye to a little metal component that's been a part of every smartphone since the early days: the humble SIM card to a fresh post by well-known tipster Evan Blass on X (formerly Twitter), Google is allegedly plotting to strip the physical SIM slot from three of its next-gen handsets: the Pixel 10, Pixel 10 Pro, and Pixel 10 Pro XL. Instead, these devices would rely entirely on eSIM technology, specifically, two active eSIM slots to keep you connected. In other words, if this leak is accurate, you'll never have to poke your phone with that little pin again, though you might also lose the ability to quickly swap SIMs on the Blass claims the Pixel 10 Pro Fold, the foldable expected to launch alongside the rest of the line-up, will still hang on to its physical SIM tray. It's almost as if Google has decided foldable owners deserve that extra bit of old-school flexibility. But there's another wrinkle: Blass responded to one curious follower asking whether this SIM tray removal would be a global decision or a region-specific one. His answer? The eSIM-only move could be limited to the United States. If that's the case, buyers in other markets might still get their beloved SIM slot, though, as always, that remains while the leak is intriguing, it's far from bulletproof. For starters, Blass is usually a deadpan, detail-first type of tipster, but this post began with an oddly vague 'tipster suggests' intro, unusual for someone with his track record. Then there's the matter of other Pixel 10 leaks we've already seen. Early CAD-based renders showed a perfectly ordinary SIM slot across all models. Even real-life prototype images that surfaced online featured a SIM tray in the frame. That doesn't exactly scream 'eSIM revolution'.It's also worth pointing out that the images we've seen in recent weeks haven't shown the top edge of the phone in great detail, which is where the SIM slot would usually be visible. That leaves just enough mystery for speculation to thrive. And thrive it has: the replies under Blass's post quickly filled with strong Pixel fans see this potential change as inevitable. Apple has already gone eSIM-only with its US iPhone 14 and 15 models, and the writing could be on the wall for physical SIMs in certain regions. eSIMs can make devices more waterproof, free up internal space for other components, and simplify network switching for those comfortable doing everything however, are less enthusiastic. Travellers, in particular, often prefer a physical SIM slot because it makes buying and popping in a local SIM card quick and painless. With eSIMs, the process can be more fiddly – and if your phone breaks, transferring an eSIM to another device isn't always as straightforward as swapping a Google does follow through with this change, it could find itself walking a tightrope between innovation and alienating a chunk of its audience. In the US, the transition to eSIMs has been slow but steady, with major carriers embracing the tech. Still, there are plenty of people who simply like the reassurance of having a physical card they can hold in their course, there's every chance this rumour turns out to be a false alarm, or at least a premature one. Google might be testing eSIM-only models internally, or exploring a regional rollout, without committing to ditching the SIM tray everywhere. After all, smartphone manufacturers often trial multiple hardware configurations before settling on the final production we see more concrete leaks, or hear from Google itself, it's wise to keep the salt shaker handy. But if you're a die-hard SIM card loyalist living in the US, you might want to brace yourself for the possibility that your next Pixel could be missing that little slot you've been using for years. On the bright side, you'll no longer have to rummage through drawers looking for that fiddly SIM ejector tool.- Ends
