New Push Bombing Attack Targets Apple Device Owners - 1

New Push Bombing Attack Targets Apple Device Owners

  • Written by Shipra Sanganeria Cybersecurity & Tech Writer
  • Fact-Checked by

Apple device owners appear to be targets of a new elaborate phishing scam that appears to exploit a flaw in its password reset feature.

The campaign was first reported by information security journalist, Brian Krebs, and involved Apple users being inundated with incessant password reset notifications in an intent to steal user data.

These push notifications or multi-factor authentication prompts enable the scammers to reset a victim’s Apple credentials and take over their iCloud accounts if approved (clicking the “Allow” option).

According to Krebs, the alerts themselves were not used to gain device access, rather the goal was to access the one-time verification code.

“Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code,” Kerb stated in the blog.

The blog shared several recent incidents where business and tech executives reported being targets of this campaign.

One of the potential targets, tech entrepreneur, Parth Patel in a thread on X (formerly Twitter) documented his experience of this “push bombing” or “MFA fatigue” (multi-factor authentication) attack.

He revealed that suddenly on March 23, his Apple devices (iPhone, Watch, and Mac) were bombarded with hundreds of password-reset notifications.

These system-generated prompts prevent Apple users from using the device unless it is dealt with. Parth, being wary of these alerts chose to dismiss them, which led to a fraudulent call by the scammers.

Claiming to be from Apple support team, the attackers in a failed attempt tried to trick him into sharing the one-time “verify” code, by using his information from a people-search website.

Kerb’s blog also cited few other instances where Apple owners recounted their experiences with similar phishing attempts.

Apple hasn’t issued any statements about the vulnerability, nor the number of users impacted by the incident. However, it does have a support article about protecting Apple account and devices from phishing attacks.

Elon Musk’s xAI to Introduce Improved Version of Grok AI Chatbot This Week - 2

Elon Musk’s xAI to Introduce Improved Version of Grok AI Chatbot This Week

  • Written by Elijah Ugoh Cybersecurity & Tech Writer
  • Fact-Checked by

Elon Musk’s artificial intelligence (AI) startup, xAI, is set to unveil Grok 1.5, an upgraded iteration of the Grok chatbot that can code and handle mathematical queries this week.

xAI made the announcement on social media platform X , formerly Twitter, on Thursday last week, stating that Grok-1.5 will be available to early testers and existing Grok users on X. “One of the most notable improvements in Grok-1.5 is its performance in coding and math-related tasks,” the company added.

However, XAI provided further details on the improved reasoning capabilities of Grok-1.5 on its website. “In our tests, Grok-1.5 achieved a 50.6% score on the MATH benchmark and a 90% score on the GSM8K benchmark, two math benchmarks covering a wide range of grade school to high school competition problems,” the company said.

xAI sys the most notable improvements in Grok 1.5 is its performance in coding and math related tasks - 3 xAI sys the most notable improvements in Grok 1.5 is its performance in coding and math related tasks - 4

Musk launched the new AI chatbot to compete with OpenAI’s GPT and Google’s ‎Gemini , which he says reflects biases and inaccuracies inherent in its programming. Musk has also sued OpenAI and its CEO, Sam Altman , claiming the company has shifted from its “founding agreement” of prioritizing humanity and now seeking “to maximize profits for Microsoft, who’s a major investor in OpenAI.