A new set of security vulnerabilities—collectively dubbed “Airborne”—has been discovered in Apple’s AirPlay protocol. These flaws could allow hackers on the same Wi-Fi network to hijack AirPlay-enabled devices, spread malware, or launch more serious attacks, putting millions of users at risk.
The vulnerabilities were uncovered by cybersecurity firm Oligo, which revealed that many of these bugs affect not only Apple’s own devices but also third-party accessories that use the AirPlay protocol. In this extensive guide, I’m going to discuss in detail Airborne AirPlay and the effective ways to protect your iPhone, iPad, and Mac. Read on…
What Is AirPlay and Why It’s Vulnerable
AirPlay is Apple’s wireless streaming protocol used to mirror or stream audio and video between Apple devices and supported accessories such as TVs, speakers, and receivers.
The “Airborne” flaws lie in how AirPlay handles incoming data over local Wi-Fi networks. Oligo researchers found 23 vulnerabilities, including issues that allow:
- Remote Code Execution (RCE)
- Denial of Service (DoS)
- Man-in-the-Middle (MitM) attacks
- User interaction bypass
These vulnerabilities allow attackers to take control of AirPlay devices, push malicious content, or spread malware to other devices connected to the same network. Worse yet, public places like coffee shops, airports, and shared office networks are especially high-risk environments for these types of attacks.
So, Which Devices are at Risk?
While Apple has already patched 17 of the 23 known vulnerabilities across iOS, iPadOS, macOS, tvOS, and visionOS, third-party devices remain largely vulnerable. This includes smart TVs, wireless speakers, projectors, and even CarPlay systems.
Although attacking a CarPlay system would typically require physical access (such as connecting via Bluetooth or USB), the risk to home and business networks remains substantial due to the number of unpatched accessories in use today.
How to Protect Your iPhone, iPad, and Mac from “Airborne” Attacks
Now that you have sorted out the confusion, let’s look for the viable ways to safeguard your device against these insidious attacks.
1. Update All Your Apple Devices
It’s worth pointing out that Apple has already rolled out the updates that fix most of the Airborne vulnerabilities. If you haven’t already, immediately update your iPhone, iPad, Mac, Apple TV, and Vision Pro to the latest versions.
- On iPhone/iPad:
Head over to Settings > General > Software Update.
- On Mac:
Navigate to System Settings > General > Software Update.
- On Apple TV:
Launch Settings > System > Software Updates.
2. Update or Replace Vulnerable Third-Party Devices
Be warned that many AirPlay-enabled accessories—such as smart speakers and TVs—use Apple’s AirPlay SDK, which has also been patched. However, third-party manufacturers may not push updates quickly or at all.
- Therefore, make sure to check your devices’ support pages for firmware updates.
- If updates are unavailable or delayed, consider replacing older, unsupported accessories.
3. Avoid Public Wi-Fi Networks
Because “Airborne” attacks require being on the same local network, public Wi-Fi is a prime attack vector.
- Therefore, be sure to avoid connecting to public Wi-Fi when possible.
- Use a VPN to encrypt traffic if you must use shared networks.
- Disable AirPlay in public settings to prevent automatic connections.
4. Restrict AirPlay Access on Mac
On Macs running macOS Monterey or later, users can manually limit or disable AirPlay:
- Go to System Settings > General > AirPlay & Handoff
- Set AirPlay Receiver to “Off”
or select “Current User” only to block unauthorized connections.
5. Disable Unused Features
If you rarely use AirPlay, I’d recommend you entirely turn it off.
- On iPhone/iPad: Open Control Center by swiping down from the top-right or swiping up from the bottom edge of the screen > tap Screen Mirroring, and choose Stop Mirroring.
- On Mac: Disable the AirPlay Receiver option in system settings
6. Use Strong Wi-Fi Security
Make sure your home or office Wi-Fi network is using WPA3 or WPA2 encryption, and that default router passwords have been changed. Attackers often exploit weak networks to launch local attacks.
Wrapping Up…
“Airborne” is a serious wake-up call about the hidden risks of popular wireless protocols like AirPlay. While Apple has moved quickly to patch most of the known issues, the real challenge lies in third-party devices that may remain unpatched for years—or forever.
To stay safe, update regularly, limit AirPlay usage, and avoid shared networks whenever possible. Taking a few simple steps today can protect your personal data from being hijacked tomorrow.
