Today’s WikiLeaks Vault 7 Dark Matter release shows the CIA’s capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain.

RSA 2017 is previewed and last week’s report on iOS apps being vulnerable to interception attacks, macro malware coming to MacOS, and new Uber open source module are discussed.

More than 70 iOS apps are vulnerable to man-in-the-middle attacks where TLS connections can be intercepted and sensitive data stolen.

Apple released updates across its product lines, including iOS 10.2.1, patching a number of critical code execution vulnerabilities in the kernel, libarchive and WebKit.

Researchers say iTunes and Apple’s App Store suffer from a persistent input validation and mail encoding web vulnerability. If exploited, it could allow an attacker to inject their own malicious script.

Threatpost writers recap 2016’s biggest news stories, including the proliferation of IoT botnets, ransomware, the FBI vs. Apple story, and more.

Apple extended the deadline of Dec. 31 for developers adopt App Transport Security standards for applications submitted to the App Store.

Apple released a massive update for macOS Sierra on Tuesday to address 72 vulnerabilities in the operating system.

Apple released iOS 10.2 on Monday, addressing a handful of security vulnerabilities, including two issues that could have led to arbitrary code execution.

The BSD libc library was updated recently to address a buffer overflow vulnerability that could have allowed an attacker to execute arbitrary code.