A newly reported bug in Hide My Email, Apple's paid iCloud+ feature, appears to allow users’ real email addresses to be exposed behind the disposable aliases meant to protect them. While the exact method has not been disclosed to prevent exploitation, the flaw reportedly lets someone connect a Hide My Email address back to the real inbox it forwards to, weakening the core privacy purpose of the feature. Security researcher Tyler Murphy first reported the issue to Apple in June 2025, and 404 Media says it later tested and verified the vulnerability. Murphy said every attempt to exploit the issue in his testing was successful, including volunteer trials where all tested Hide My Email addresses were reportedly exploitable. Apple told him in March 2026 that the issue had been addressed through a system change, but Murphy said the exploit still worked afterward. The company later said it was still investigating and expected to release a security update in the following weeks. The report add...
Related
Google's NotebookLM is now Gemini Notebook, with expanded code execution & cross-app sync
Google has renamed its AI research and note-taking tool, NotebookLM, to Gemini Notebook. This updated identity marks a shift toward deeper integration across the Google ecosystem. ...
Google Vids adds Gemini Omni for text-based editing and personal avatars
Google Vids is rolling out Gemini Omni, enabling users to generate and edit videos through natural language prompts. The new personal avatars feature allows users to appear in vide...
GitLab 19.2 brings Duo CLI, custom AI flows, and scheduled policies GA
GitLab 19.2 is now available, introducing GitLab Duo CLI for direct terminal access to project-aware AI assistance and automations. The update also brings generally available custo...