Cybersecurity Cybersecurity and Infrastructure Security Agency

New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

The vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers

By Homeland Security Today

June 23, 2026

European cybersecurity research firm Paradigm Shift has disclosed details of a new BootROM exploit that affects millions of iPhones and cannot be patched with a software update.

Dubbed Usbliter8, the exploit targets Apple’s SecureROM. Baked permanently into the device’s SoC, SecureROM is the first code an iPhone runs on startup and the foundation of Apple’s entire secure boot chain.

Usbliter8 chains a USB controller bug and a device firmware configuration weakness. The exploit, which requires physical USB access to the targeted device, works against iPhones with A12 and A13 chips — including iPhone XS, XR, and 11 — and Apple Watches with S4 and S5 chips. It’s worth noting that the affected chips were released in 2018 and 2019.

Read the rest of the story at SecurityWeek.

Michael Watson Sworn In as Chief Information Officer for the Commonwealth of Virginia

The Persistent Homeland Threat From Al-Shabaab

Homeland Security Today

http://www.hstoday.us

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Michael Watson Sworn In as Chief Information Officer for the Commonwealth of Virginia

Kirstjen Nielsen Becomes a Strategic Advisor at Halcyon

D.C. Region Faces Transportation, Utility, and Infrastructure Strains, Assessment Finds

Matthew Floyd Named Deputy Assistant Director in FBI Criminal Investigative Division

CBP Officers at Houston Seaport Seize Counterfeit FIFA World Cup 2026 Merchandise Worth Over $6M

U.S. Has Seized More Than 50 Drones Near World Cup Sites, DHS Says

HSI Kansas City Leads Multiagency Operation to Combat Human Trafficking Leading Up to World Cup Games

ICE Arrests Illegal Alien Former Teacher Wanted for Involvement in 2024 Tren de Aragua House Party Shooting

New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

Related Articles

CBP Officers at Houston Seaport Seize Counterfeit FIFA World Cup 2026 Merchandise Worth Over $6M

Building Decision Advantage for Counter-Drone Operations in the Age of 3D Physical Security

U.S. Has Seized More Than 50 Drones Near World Cup Sites, DHS Says

LEAVE A REPLY Cancel reply

Latest Articles

CBP Officers at Houston Seaport Seize Counterfeit FIFA World Cup 2026 Merchandise Worth Over $6M

Building Decision Advantage for Counter-Drone Operations in the Age of 3D Physical Security

U.S. Has Seized More Than 50 Drones Near World Cup Sites, DHS Says

HSI Kansas City Leads Multiagency Operation to Combat Human Trafficking Leading Up to World Cup Games

Frontline Watch: Al-Shabaab’s Evolution Highlights Persistent Global Terror Threats