Millions of Apple AirPlay-enabled devices can be hacked via Wi-Fi
Apple’s AirPlay feature, which allows seamless streaming between iPhones, MacBooks, and third-party devices, has been found to contain critical security flaws. Dubbed "AirBorne" by cybersecurity firm Oligo, these AirPlay security flaws could let hackers infiltrate Wi-Fi networks and spread malware from one infected device to another. While Apple has patched vulnerabilities in its own devices, millions of third-party AirPlay-enabled gadgets—including speakers, smart TVs, and set-top boxes—remain at risk due to unpatched bugs in Apple’s SDK.
The vulnerabilities stem from Apple’s AirPlay software development kit (SDK), which third-party manufacturers integrate into their devices. Hackers exploiting these flaws could hijack gadgets on the same Wi-Fi network, potentially gaining control over them. Apple has addressed some issues in its own ecosystem, but only if users altered default AirPlay settings. However, many smart home devices receive infrequent updates, leaving them exposed for years—or indefinitely.
Gal Elbaz, Oligo’s CTO, estimates tens of millions of third-party devices could be affected. "Because AirPlay is supported in such a wide variety of devices, many will take years to patch—or never be patched," Elbaz warns. The widespread adoption of AirPlay means these vulnerabilities pose a long-term threat, emphasizing the risks of relying on unpatched IoT devices.