Apple

Seven things to know about how Apple’s Creator Studio subscriptions work

Apple, apple creator studio, Final Cut Pro, iWork, keynote, Logic Pro, Numbers, Pages, Tech / Beth Washington / January 28, 2026

System requirements and other restrictions

Apple outlines detailed system requirements for each app on its support page here. For most of the Mac apps, all you need is a Mac running macOS 15.6 Sequoia or later; the only Mac app that requires macOS 26 Tahoe is Pixelmator Pro. Most of the apps will also run on either Intel or Apple Silicon Macs, though MainStage is Apple Silicon-exclusive, and “some features” in Compressor may also require Apple Silicon.

The requirements for the iPad apps are a little more restrictive; you generally need to be running either iPadOS 18.6 or iPadOS 26, and both Final Cut Pro and Pixelmator Pro either want an Apple M1, an Apple A16, or an Apple A17 Pro (in other words, it will work on every iPad Apple currently sells, but older iPad hardware is more hit or miss).

Apple also outlines a number of usage restrictions for the generative AI features that rely on external services. Apple says that, “at a minimum,” users will be able to generate 50 images, 50 presentations of between 8 to 10 slides each, and to generate presenter notes in Keynote for 700 slides. More usage may be possible, but this depends on “the complexity of the queries, server availability, and network availability.”

These AI features are all based on OpenAI technology, but don’t require users to have their own OpenAI or ChatGPT account (the flip side is that if you already pay for ChatGPT, that won’t benefit you here). Apple also says that the content you use to generate images, presentations, or notes “will never be used to train intelligence models.”

What apps aren’t getting new versions?

There are three major creative apps that Apple offers that haven’t been bundled into Creator Studio, and also haven’t gotten a major new update: iMovie, GarageBand, and Photomator.

There are extenuating circumstances that explain why these three apps haven’t been given a Creator Studio-style overhaul. The iMovie and GarageBand apps have always sort of been positioned as “lite” free-to-use versions of Final Cut Pro and Logic Pro, respectively, while Photomator is a recently acquired app that overlaps somewhat with the built-in Photos app.

Apple has nothing to share about the future of any of the three apps. Both iMovie and Photomator received minor updates today, presumably related to maintaining compatibility with the Creator Studio apps, and GarageBand was last updated a month ago. Expect them to stick around in their current forms for at least a while.

Seven things to know about how Apple’s Creator Studio subscriptions work Read More »

Apple patches ancient iOS versions to keep iMessage, FaceTime, other services working

Apple, iOS 12, iOS 15, iOS 16, ios 18, Tech / Mike M. / January 27, 2026

When Apple stops supporting older iPhones and iPads with the latest version of iOS or iPadOS, it usually isn’t the end of the line—Apple keeps releasing new security-only patches for those devices for another year or two, keeping them usable while their hardware is still reasonably capable.

Once those updates dry up, it’s rare for Apple to revisit those older operating systems, but the company does sometimes make exceptions. That was the case yesterday, when the company released a batch of updates for long-retired iOS and iPadOS versions that otherwise hadn’t seen a new patch in months or years. Those updates include iOS 12.5.8, available for devices as old as 2013’s iPhone 5S and 2014’s iPhone 6; iOS 15.8.6, available for devices like the iPhone 6S, iPhone 7, and iPad Air 2; and iOS 16.7.13, available for devices like the iPhone 8 and iPhone X.

Both iOS 15 and iOS 16 were last patched in mid-2025, but iOS 12’s last patch was released in January 2023.

These updates don’t patch security flaws or add new features. According to Apple’s release notes for the iOS 12 and iOS 15 updates, all they do is update a security certificate to ensure that iMessage, FaceTime, and Apple account sign-in will continue working past January 2027, when the operating systems’ original certificate would have expired.

Apple patches ancient iOS versions to keep iMessage, FaceTime, other services working Read More »

Apple’s AirTag 2 is easier to find thanks to new chip

AirTag, Apple, bluetooth, location tracker, Tech / Mike M. / January 26, 2026

Additionally, the speaker in the AirTag is now 50 percent louder, Apple says. These two things together address some user complaints that, as useful as an AirTag can be in ideal circumstances, sometimes it is frustrating trying to get things just right to find something. It won’t eliminate all edge cases, but it ought to help.

Apple used this announcement to also talk up some of the features of the AirTag, including the encryption that it says prevents anyone but the AirTag owner from using it, and an arrangement with airlines where users can temporarily give airlines the ability to use Apple’s network to find a specific AirTag to locate lost luggage and the like.

To be clear, the new AirTag doesn’t introduce any major new features that aren’t already offered in the previous generation—this is just an update to the device’s accuracy, volume, and range.

The price remains unchanged, at $29 for one AirTag or $99 for a pack of four. The new model is available for order on Apple’s website now and will hit physical stores later this week.

Apple’s AirTag 2 is easier to find thanks to new chip Read More »

Report: Apple plans to launch AI-powered wearable pin device as soon as 2027

AI, Apple, Gemini, Humane, llm, Siri, wearable / DJ Henderson / January 22, 2026

The report didn’t include any information about pricing, but it did say that Apple has fast-tracked the product with the hope to release it as early as 2027. Twenty million units are planned for launch, suggesting the company does not expect it to be a sensational consumer success at launch the way some of its past products, like AirPods, have been.

Not long ago, it was reported that OpenAI (the company behind ChatGPT) plans to release its own hardware, though the specifics and form factor are not publicly known. Apple is expecting fierce competition there, as well as with Meta, which Apple already expected to compete with in the emerging and related smart glasses market.

Apple has experienced significant internal turmoil over AI, with former AI lead John Giannandrea’s conservative approach to the technology failing to lead to a usable, true LLM-based Siri or other products analysts expect would make Apply stay competitive in the space with other Big Tech companies.

Just a few days ago, it was revealed that Apple will tap Google’s Gemini large language models for an LLM overhaul of Siri. Other AI-driven products like smart glasses and an in-home smart display are also planned.

Report: Apple plans to launch AI-powered wearable pin device as soon as 2027 Read More »

Signs point to a sooner-rather-than-later M5 MacBook Pro refresh

Apple, Apple M5, MacBook Air, MacBook Pro, Tech / Beth Washington / January 19, 2026

Mac power users waiting on new high-end MacBook Pro models may have been disappointed last fall, when Apple released an M5 upgrade for the low-end 14-inch MacBook Pro without touching the M4 Pro or Max versions of the laptop. But the wait for M5 Pro and M5 Max models may be nearing its end.

The tea-leaf readers at MacRumors noticed that shipping times for a handful of high-end MacBook Pro configurations have slipped into mid-to-late February, rather than being available immediately as most Mac models are. This is often, though not always, a sign that Apple has slowed down or stopped production of an existing product in anticipation of an update.

Currently, the shipping delays affect the M4 Max versions of both the 14-inch and 16-inch MacBook Pros. If you order them today, these models will arrive sometime between February 3 and February 24, depending on the configuration you choose; many M4 Pro versions are still available for same-day shipping, though adding a nano-texture display or upgrading RAM can still add a week or so to the shipping time.

Apple could choose to launch new Pro hardware on January 28, to go with the new Creator Studio subscription it announced last week. Aimed primarily at independent content creators that make their own video, audio, and images, the Creator Studio subscription bundles Final Cut Pro, Logic Pro, Pixelmator Pro, and enhancements for the Pages, Numbers, and Keynote apps (along with some other odds and ends) for $13 a month or $130 a year. None of these apps require a MacBook Pro, but many would benefit in some way from the additional CPU and GPU power, RAM, and storage available in Apple’s high-end laptops.

Of course, an imminent replacement isn’t the only reason why the shipping estimates for any given Mac might slip. Ongoing, AI-fueled RAM shortages could be causing problems, and Apple probably prioritizes production of the widely-used base-model M4 and M5 chips to the larger, more expensive, more complex Max models.

But the only other device in Apple’s lineup that offers the M4 Max and similar RAM configuration options is the high-end Mac Studio, which currently isn’t subject to the same shipping delays. That does imply that the delays are specific to the MacBook Pro—and one explanation for this is that the laptop is about to be replaced.

Signs point to a sooner-rather-than-later M5 MacBook Pro refresh Read More »

Are people avoiding iOS 26 because of Liquid Glass? It’s complicated.

Apple, ios 18, ios 26, Tech / Shannon Garcia / January 15, 2026

are people really skipping Liquid Glass?

Liquid Glass is controversial, but adoption rates aren’t as low as they seem.

iPhones running iOS 26. Credit: Apple

Last week, news about the adoption rates for Apple’s iOS 26 update started making the rounds. The new update, these reports claim, was being installed at dramatically lower rates than past iOS updates. And while we can’t infer anything about why people might choose not to install iOS 26, the conclusion being jumped to is that iPhone users are simply desperate to avoid the redesigned Liquid Glass user interface.

The numbers do, in fact, look bad: Statcounter data for January suggests that the various versions of iOS 26 are running on just 16.6 percent of all devices, compared to around 70 percent for the various versions of iOS 18. The iOS 18.7 update alone—released at the same time as iOS 26.0 in September for people who wanted the security patches but weren’t ready to step up to a brand-new OS—appears to be running on nearly one-third of all iOS devices.

Those original reports were picked up and repeated because they tell a potentially interesting story of the “huge if true” variety: that users’ aversion to the Liquid Glass design is so intense and widespread that it’s actively keeping users away from the operating system. But after examining our own traffic numbers, as well as some technical changes made in iOS 26, it appears Statcounter’s data is dramatically undercounting the number of iOS 26 devices in the wild.

We’ve taken a high-level look at all iPhone traffic across all Condé Nast websites for October, November, and December of 2025 and compared it to traffic from October, November, and December of 2024. This data suggests that iOS 26 is being adopted more slowly than iOS 18 was the year before—roughly 76 percent of all iPhone pageviews came from devices running iOS 18 in December of 2024, compared to about 45 percent for iOS 26 in December of 2025.

That’s not as cataclysmic a dropoff as Statcounter’s data suggests, even before considering other mitigating factors—iOS 26 dropped support for 2018’s iPhone XS, XS Max, and XR, for example, while iOS 18 ran on every iPhone that could run iOS 17.

But it’s still a much slower rate of adoption than we’re used to for most iOS versions, and it’s something to monitor as we get closer to iOS 27 and Apple’s first opportunity to make major changes to Liquid Glass. And to monitor it, it’s important to be able to measure it correctly. There have been behind-the-scenes changes to iOS 26 that appear to have thrown off Statcounter’s data collection—let’s talk about those, about what our own data shows, and about why you may want to upgrade to iOS 26 soon even if you don’t care for Liquid Glass.

User agent string changes in iOS 26

It turns out that telling an iOS 18 device from an iOS 26 device is harder than it ought to be, and that’s because of a change Apple made to Safari in iOS 26.

Web analytics software (and services like Statcounter) attempt to gather device data by looking at the browser’s user agent string, a short list of information about the hardware, operating system, browser, and browser engine. There are benign and useful reasons to collect this kind of data. If you’re a web developer fielding a ton of user complaints from people who are all using a specific browser or OS version, it can help you narrow down what the issue is and test a fix. You could also use the user agent string to decide whether to show the desktop or mobile version of your site to a user.

But if this information is too accurate or detailed, it can lead to “fingerprinting”—the ability for sites to identify a specific user or specific type of user from their user-agent string. Browser makers have taken steps, both together and separately, to reduce the amount of fingerprinting that is possible.

And occasionally, browsers will intentionally misrepresent their user agent string for compatibility reasons. For example, the default user agent string for Safari running on modern versions of iPadOS claims that the browser is running on top of macOS to make sites rendered on an iPad work more like sites rendered on a Mac. Apple froze the macOS version in Safari’s user agent string to 10.15.7 several years ago, partly to reduce fingerprinting and partly to resolve compatibility problems that some sites had when Apple put “macOS 11” in the user agent string after decades of macOS 10.

All of this is to say: information derived from the user-agent string is only as accurate as the OSes and browsers that are reporting their user-agent strings. And in iOS 26, Apple decided to freeze the iOS version in Safari’s user agent string to version 18 in order to reduce fingerprinting (credit to developer and blogger Niels Leenheer, who both explained this change and confirmed with Apple engineer Karl Dubost why it was made).

Which explains why anyone looking at Statcounter’s data could draw incorrect conclusions about iOS 26 adoption: because most iOS users are running Safari, and because all Safari versions running on iOS 26 are claiming to be running on iOS 18.6 or 18.7 instead.

Only third-party browsers like Google Chrome or Microsoft Edge are reporting an iOS version of 26 in their user agent strings, so what Statcounter is inadvertently measuring is the number of Chrome users who have updated to iOS 26, not the total number of users who have updated.

What our data says

There is a workaround for this, at least for iOS. Safari on iOS 26 will report an iOS version of 18.6 or 18.7, but it also reports a Safari version of 26.x. This isn’t as useful on macOS, where Safari 26 could be running on macOS 14 Sonoma, macOS 15 Sequoia, or macOS 26 Tahoe. But on iOS, Safari 26 only runs on iOS 26, so it’s a useful proxy for identifying the operating system version.

	iOS 18 Safari pageviews in 2024	iOS 26 Safari pageviews in 2025
October	24.9%	22.1%
November	35.1%	26.3%
December	75.9%	45.3%

For these stats, we’ve grouped together all devices claiming to run Safari 26 on an iPhone, regardless of whether the underlying iOS version is listed as 18.x or 26.x (some apps or third-party browsers using Apple’s built-in WebKit engine can still identify themselves as “Safari,” though Chrome, Edge, and Mozilla Firefox at least report their own user-agent strings). We’ve compared those numbers to all devices claiming to run Safari 18 on iPhones claiming to run iOS 18. This does screen out users running third-party browsers on iPhones, but Statcounter data suggests that the ratio of Safari to Chrome users on iOS hasn’t changed much over that period.

What’s interesting is that for October 2024 and October 2025—the first full month that iOS 18 and iOS 26 were available, respectively—adoption numbers don’t look all that different. About 25 percent of iPhone pageviews across all Condé Nast were served to devices running Safari on iOS 18, compared to 22 percent for iOS 26 the following year. That is a step down, but it suggests that early adopters weren’t repelled en masse by Liquid Glass or anything else about the operating system.

But the gap widens over the next two months, which does suggest that “normal” users aren’t in a rush to get the update. By December 2024, our data shows that 76 percent of iPhone Safari pageviews were going to iOS 18 devices, compared to just 45 percent for iOS 26 in December 2025.

Adoption of new iOS versions does plateau after a while. Adoption of iOS 18 hit 80 percent in January 2025, according to our data, and then rose more slowly afterward, peaking at around 91 percent in August 2025. Those stats are in the same ballpark as both Statcounter data (78 percent as of August 2025) and the last stats Apple has published (82 percent of all iPhones as of June 2025) for iOS 18. (We’ve asked the company if it has any updated internal stats to share and will update the article if we receive a response.)

We’ll see where iOS 26 eventually settles. If I’m Apple, I’m a bit less worried about slower adoption as long as iOS 26 eventually hits that same 80 to 90 percent range. But if usage settles significantly below that historical watermark, it could signal a more lasting negative response to the iOS 26 update that needs to be addressed in future versions.

Why it’s time to take the plunge, even if you don’t like Liquid Glass

Apple’s most recent security updates for iOS 18 are only available for phones that can’t run iOS 26 at all, like the iPhone XR. That means it’s probably time to install iOS 26 even if you don’t like Liquid Glass. Credit: Samuel Axon

However you feel about Liquid Glass, we’re getting to the point that upgrading is going to become necessary for people who want security patches and functional fixes for their phones.

For a short time after each new iOS version is released, Apple continues to provide security patches for the previous version of iOS, for people who would rather wait for early bugs in the new OS to be patched. The company started this practice in 2021, when it provided security patches for iOS 14 for a couple of months after the release of iOS 15. But those patches don’t last forever, and eventually devices that can upgrade to the new operating system will need to do it to stay patched.

Apple never formally announces when these security updates have stopped, but you can tell by looking at the company’s security updates page. The iOS 18.7, 18.7.1, and 18.7.2 updates all apply to the “iPhone XS and later.” But the iOS 18.7.3 update released on December 12, 2025, only applies to the iPhone XS, iPhone XS Max, and iPhone XR. It’s a subtle difference, but it means that Apple is only continuing to patch iOS 18 on devices that can’t run iOS 26.

This is standard practice for iPhones and iPads, but it differs from the update model Apple uses for macOS—any Mac can continue to download and install security updates for macOS 14 Sonoma and macOS 15 Sequoia, regardless of whether they’re eligible for the macOS 26 Tahoe upgrade.

If you skipped the early versions of iOS 26 and iPadOS 26 because of Liquid Glass, the good news is that Apple provided options to allow users to tone down the effect. The iOS 26.1 update added a “tinted” option for Liquid Glass, increasing the interface’s contrast and opacity to help with the legibility issues you’ll occasionally run into with the default settings. The company also added opacity controls for the lock screen clock in iOS 26.2. Personally, I also found it helpful to switch the Tabs view in the Safari settings from “Compact” to “Bottom” to make the browser look and act more like it did in its iOS 18-era iteration.

Those settings may feel like half-measures to hardcore Liquid Glass haters who just want Apple to revert to its previous design language. But if you’ve got a modern iPhone or iPad and you want to stay up to date and secure, those toggles (plus additional controls for motion and transparency in the Accessibility settings) may at least ease the transition for you.

Andrew is a Senior Technology Reporter at Ars Technica, with a focus on consumer tech including computer hardware and in-depth reviews of operating systems like Windows and macOS. Andrew lives in Philadelphia and co-hosts a weekly book podcast called Overdue.

Are people avoiding iOS 26 because of Liquid Glass? It’s complicated. Read More »

Civilization VII is headed to iPhone and iPad with “Arcade Edition”

2K Games, 4X, Apple, Apple Arcade, Behaviour Interactive, Civiliation VII, civilization, Firaxis Games, gaming, strategy games / 9u50fv / January 14, 2026

Civilization VII is coming to the iPhone and iPad, Apple and publisher 2K announced today.

Formally titled Sid Meier’s Civilization VII Arcade Edition, it is developed by Behaviour Interactive with input from original developer Firaxis Games.

The game will be available as part of the Apple Arcade service, which offers ad-free games for Apple platforms for $7 per month. Neither announcement makes any mention of a non-Arcade version, so this appears to be exclusively part of the subscription.

That shouldn’t be too much of a surprise; full-priced premium games have struggled on the platform when not bundled in a subscription. For example, Rockstar Games’ Red Dead Redemption came out both as a standalone title on the App Store and as part of Netflix’s subscription. The Netflix version surpassed a staggering 3.3 million downloads, while the $40 direct purchase managed just over 10,000.

The announcement calls this release “the authentic Civilization experience,” which you can probably take to mean that it doesn’t simplify the gameplay in any way. That said, there is some fine print you shouldn’t miss.

The App Store listing for the game says this release will not receive any of the DLC planned for other platforms. It also notes that “post-launch updates that apply to other platforms may be excluded or delayed.” Also, the supported players listed is “1,” suggesting it may not have multiplayer. (The desktop and console versions already lack hotseat multiplayer, but they support online play.)

Civilization VII is headed to iPhone and iPad with “Arcade Edition” Read More »

The RAM shortage’s silver lining: Less talk about “AI PCs”

AI, Apple, Biz & IT, dell, Desktops, generative ai, IDC, laptops, Tech / 9u50fv / January 13, 2026

RAM prices have soared, which is bad news for people interested in buying, building, or upgrading a computer this year, but it’s likely good news for people exasperated by talk of so-called AI PCs.

As Ars Technica has reported, the growing demands of data centers, fueled by the AI boom, have led to a shortage of RAM and flash memory chips, driving prices to skyrocket.

In an announcement today, Ben Yeh, principal analyst at technology research firm Omdia, said that in 2025, “mainstream PC memory and storage costs rose by 40 percent to 70 percent, resulting in cost increases being passed through to customers.”

Overall, global PC shipments increased in 2025, according to Omdia, (which pegged growth at 9.2 percent compared to 2024), and IDC, (which today reported 9.6 percent growth), but analysts expect PC sales to be more tumultuous in 2026.

“The year ahead is shaping up to be extremely volatile,” Jean Philippe Bouchard, research VP with IDC’s worldwide mobile device trackers, said in a statement.

Both analyst firms expect PC makers to manage the RAM shortage by raising prices and by releasing computers with lower memory specs. IDC expects price hikes of 15 to 20 percent and for PC RAM specs to “be lowered on average to preserve memory inventory on hand,” Bouchard said. Omdia’s Yeh expects “leaner mid to low-tier configurations to protect margins.”

“These RAM shortages will last beyond just 2026, and the cost-conscious part of the market is the one that will be most impacted,” Jitesh Ubrani, research manager for worldwide mobile device trackers at IDC, told Ars via email.

IDC expects vendors to “prioritize midrange and premium systems to offset higher component costs, especially memory.”

The RAM shortage’s silver lining: Less talk about “AI PCs” Read More »

Apple’s Mac and iPad creative apps get bundled into “Creator Studio” subscription

Apple, Final Cut Pro, Logic Pro, Pixelmator, Tech / DJ Henderson / January 13, 2026

Apple’s professional creative apps have been slower to jump on the subscription bandwagon than those from Adobe or some of its other competitors, but the company is taking a step in that direction today. Starting on January 28, Apple will offer an Apple Creator Studio subscription for $13 a month, or $130 a year. Subscribers will get access to the Mac and (where applicable) iPad versions of Final Cut Pro, Logic Pro, Pixelmator Pro, Motion, Compressor, and MainStage, as well as “intelligent features and premium content” for the Mac, iPad, and iPhone versions of Keynote, Pages, Numbers, and Freeform.

Apple says it will also offer a one-month free trial for the subscription and a discounted version for students at $3 a month, or $30 a year.

Most of the apps also seem to be getting small feature updates to go along with the Creator Studio announcement. Final Cut will get a new Transcript Search feature that will allow you to dig through video footage by searching for specific dialogue, and a new Montage Maker feature “will analyze and edit together a dynamic video based on the best visual moments within the footage.” An updated Logic Pro “helps creators deliver original music for their video content” and adds a synth player to the app’s lineup of “AI Session Players.”

The biggest update is probably a new version of Pixelmator Pro for the iPad, designed around the Apple Pencil accessory. When Apple announced it was acquiring Pixelmator in late 2024, the image and vector editing app was only available for the Mac.

As for Keynote, Pages, and Numbers—in another lifetime, the apps formerly known as “iWork”—the core apps remain free, but the Creator Studio subscription adds “premium templates and themes” for the apps, as well as access to a Content Hub that provides “curated, high-quality photos, graphics, and illustrations” for the apps. Apple is also offering a handful of OpenAI-powered generative features, including upscaling and transformation for existing images, the ability to generate images from text, and a Keynote feature that will create a slide deck from a text outline.

Apple’s Mac and iPad creative apps get bundled into “Creator Studio” subscription Read More »

Apple chooses Google’s Gemini over OpenAI’s ChatGPT to power next-gen Siri

AI, Apple, Gemini, Google, openai, Siri, Tech / DJ Henderson / January 12, 2026

The “more intelligent” version of Siri that Apple plans to release later this year will be backed by Google’s Gemini language models, the company announced today. CNBC reports that the deal is part of a “multi-year partnership” between Apple and Google that will allow Apple to use Google’s AI models in its own software.

“After careful evaluation, we determined that Google’s technology provides the most capable foundation for Apple Foundation Models and we’re excited about the innovative new experiences it will unlock for our users,” reads an Apple statement given to CNBC.

Today’s announcement confirms reporting by Bloomberg’s Mark Gurman late last year that Apple and Google were nearing a deal. Apple didn’t disclose terms, but Gurman said that Apple would be paying Google “about $1 billion a year” for access to its AI models “following an extensive evaluation period.”

Bloomberg has also reported that the Gemini model would be run on Apple’s Private Cloud Compute servers, “ensuring that user data remains walled off from Google’s infrastructure,” and that Apple still hopes to improve its own in-house language models to the point that they can eventually be used instead of relying on third-party models.

Apple chooses Google’s Gemini over OpenAI’s ChatGPT to power next-gen Siri Read More »

Expired certificate completely breaks macOS Logitech apps, user customizations

Apple, Logitech, macOS, Tech / DJ Henderson / January 7, 2026

If you’re a Mac user with Logitech accessories and you’ve noticed that your settings and customizations seem to have gone away this week, you’re not alone.

The company’s Logi Options+ and G Hub apps for macOS abruptly stopped functioning on Monday, refusing to launch and reverting all accessories’ settings to their built-in defaults.

The culprit, according to both a Logitech support page and Reddit posts from Logitech Head of Global Marketing Joe Santucci, was a security certificate that was inadvertently allowed to expire, rendering both apps non-functional.

“The certificate that expired is used to secure inter-process communications and the expiration results in the software not being able to start successfully,” wrote Santucci in one post. “We dropped the ball here,” he said in another post. “This is an inexcusable mistake. We’re extremely sorry for the inconvenience caused.”

Logitech is already offering patches for both apps that include an updated certificate. But unfortunately for users, one of the features broken by the expired certificate is the app’s built-in updater, meaning that there’s no automated way for Logitech to fix this problem. Anyone who wants their apps to work and their customizations to return will need to manually grab the patch (or updated versions of the apps, which Logitech says it is also working on). If you use both apps, each will need to be patched separately.

Expired certificate completely breaks macOS Logitech apps, user customizations Read More »

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

2025 year end, AI, Apple, Biz & IT, Cloud, Security, signal messenger, supply chain attacks / 9u50fv / December 31, 2025

The past year has seen plenty of hacks and outages. Here are the ones topping the list.

Credit: Aurich Lawson | Getty Images

In a roundup of the top stories of 2024, Ars included a supply-chain attack that came dangerously close to inflicting a catastrophe for thousands—possibly millions—of organizations, which included a large assortment of Fortune 500 companies and government agencies. Supply-chain attacks played prominently again this year, as a seemingly unending rash of them hit organizations large and small.

For threat actors, supply-chain attacks are the gift that keeps on giving—or, if you will, the hack that keeps on hacking. By compromising a single target with a large number of downstream users—say a cloud service or maintainers or developers of widely used open source or proprietary software—attackers can infect potentially millions of the target’s downstream users. That’s exactly what threat actors did in 2025.

Poisoning the well

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as much as $155,000 from thousands of smart-contract parties on the Solana blockchain.

Hackers cashed in by sneaking a backdoor into a code library used by developers of Solana-related software. Security firm Socket said it suspects the attackers compromised accounts belonging to the developers of Web3.js, an open source library. They then used the access to add a backdoor to a package update. After the developers of decentralized Solana apps installed the malicious update, the backdoor spread further, giving the attackers access to individual wallets connected to smart contracts. The backdoor could then extract private keys.

There were too many supply-chain attacks this year to list them all. Some of the other most notable examples included:

The seeding of a package on a mirror proxy that Google runs on behalf of developers of the Go programming language. More than 8,000 other packages depend on the targeted package to work. The malicious package used a name that was similar to the legitimate one. Such “typosquatted” packages get installed when typos or inattention lead developers to inadvertently select them rather than the one they actually want.
The flooding of the NPM repository with 126 malicious packages downloaded more than 86,000 times. The packages were automatically installed via a feature known as Remote Dynamic Dependencies.
The backdooring of more than 500 e-commerce companies, including a $40 billion multinational company. The source of the supply-chain attack was the compromise of three software developers—Tigren, Magesolution (MGS), and Meetanshi—that provide software that’s based on Magento, an open source e-commerce platform used by thousands of online stores.
The compromising of dozens of open source packages that collectively receive 2 billion weekly downloads. The compromised packages were updated with code for transferring cryptocurrency payments to attacker-controlled wallets.
The compromising of tj-actions/changed-files, a component of tj-actions, used by more than 23,000 organizations.
The breaching of multiple developer accounts using the npm repository and the subsequent backdooring of 10 packages that work with talent agency Toptal. The malicious packages were downloaded roughly 5,000 times.

Memory corruption, AI chatbot style

Another class of attack that played out more times in 2025 than anyone can count was the hacking of AI chatbots. The hacks with the farthest-reaching effects were those that poisoned the long-term memories of LLMs. In much the way supply-chain attacks allow a single compromise to trigger a cascade of follow-on attacks, hacks on long-term memory can cause the chatbot to perform malicious actions over and over.

One such attack used a simple user prompt to instruct a cryptocurrency-focused LLM to update its memory databases with an event that never actually happened. The chatbot, programmed to follow orders and take user input at face value, was unable to distinguish a fictional event from a real one.

The AI service in this case was ElizaOS, a fledgling open source framework for creating agents that perform various blockchain-based transactions on behalf of a user based on a set of predefined rules. Academic researchers were able to corrupt the ElizaOS memory by feeding it sentences claiming certain events—which never actually happened—occurred in the past. These false events then influence the agent’s future behavior.

An example attack prompt claimed that the developers who designed ElizaOS wanted it to substitute the receiving wallet for all future transfers to one controlled by the attacker. Even when a user specified a different wallet, the long-term memory created by the prompt caused the framework to replace it with the malicious one. The attack was only a proof-of-concept demonstration, but the academic researchers who devised it said that parties to a contract who are already authorized to transact with the agent could use the same techniques to defraud other parties.

Independent researcher Johan Rehberger demonstrated a similar attack against Google Gemini. The false memories he planted caused the chatbot to lower defenses that normally restrict the invocation of Google Workspace and other sensitive tools when processing untrusted data. The false memories remained in perpetuity, allowing an attacker to repeatedly profit from the compromise. Rehberger presented a similar attack in 2024.

A third AI-related proof-of-concept attack that garnered attention used a prompt injection to cause GitLab’s Duo chatbot to add malicious lines to an otherwise legitimate code package. A variation of the attack successfully exfiltrated sensitive user data.

Yet another notable attack targeted the Gemini CLI coding tool. It allowed attackers to execute malicious commands—such as wiping a hard drive—on the computers of developers using the AI tool.

Using AI as bait and hacking assistants

Other LLM-involved hacks used chatbots to make attacks more effective or stealthier. Earlier this month, two men were indicted for allegedly stealing and wiping sensitive government data. One of the men, prosecutors said, tried to cover his tracks by asking an AI tool “how do i clear system logs from SQL servers after deleting databases.” Shortly afterward, he allegedly asked the tool, “how do you clear all event and application logs from Microsoft windows server 2012.” Investigators were able to track the defendants’ actions anyway.

In May, a man pleaded guilty to hacking an employee of The Walt Disney Company by tricking the person into running a malicious version of a widely used open source AI image-generation tool.

And in August, Google researchers warned users of the Salesloft Drift AI chat agent to consider all security tokens connected to the platform compromised following the discovery that unknown attackers used some of the credentials to access email from Google Workspace accounts. The attackers used the tokens to gain access to individual Salesforce accounts and, from there, to steal data, including credentials that could be used in other breaches.

There were also multiple instances of LLM vulnerabilities that came back to bite the people using them. In one case, CoPilot was caught exposing the contents of more than 20,000 private GitHub repositories from companies including Google, Intel, Huawei, PayPal, IBM, Tencent, and, ironically, Microsoft. The repositories had originally been available through Bing as well. Microsoft eventually removed the repositories from searches, but CoPilot continued to expose them anyway.

Meta and Yandex caught red-handed

Another significant security story cast both Meta and Yandex as the villains. Both companies were caught exploiting an Android weakness that allowed them to de-anonymize visitors so years of their browsing histories could be tracked.

The covert tracking—implemented in the Meta Pixel and Yandex Metrica trackers—allowed Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. Android sandboxing, for instance, isolates processes to prevent them from interacting with the OS and any other app installed on the device, cutting off access to sensitive data or privileged system resources. Defenses such as state partitioning and storage partitioning, which are built into all major browsers, store site cookies and other data associated with a website in containers that are unique to every top-level website domain to ensure they’re off-limits for every other site.

A clever hack allowed both companies to bypass those defenses.

2025: The year of cloud failures

The Internet was designed to provide a decentralized platform that could withstand a nuclear war. As became painfully obvious over the past 12 months, our growing reliance on a handful of companies has largely undermined that objective.

The outage with the biggest impact came in October, when a single point of failure inside Amazon’s sprawling network took out vital services worldwide. It lasted 15 hours and 32 minutes.

The root cause that kicked off a chain of events was a software bug in the software that monitors the stability of load balances by, among other things, periodically creating new DNS configurations for endpoints within the Amazon Web Services network. A race condition—a type of bug that makes a process dependent on the timing or sequence of events that are variable and outside the developers’ control—caused a key component inside the network to experience “unusually high delays needing to retry its update on several of the DNS endpoint,” Amazon said in a post-mortem. While the component was playing catch-up, a second key component—a cascade of DNS errors—piled up. Eventually, the entire network collapsed.

AWS wasn’t the only cloud service that experienced Internet-paralyzing outages. A mysterious traffic spike last month slowed much of Cloudflare—and by extension, the Internet—to a crawl. Cloudflare experienced a second major outage earlier this month. Not to be outdone, Azure—and by extension, its customers—experienced an outage in October.

Honorable mentions

Honorable mentions for 2025 security stories include:

Code in the Deepseek iOS app that caused Apple devices to send unencrypted traffic, without first being encrypted, to Bytedance, the Chinese company that owns TikTok. The lack of encryption made the data readable to anyone who could monitor the traffic and opened it to tampering by more sophisticated attackers. Researchers who uncovered the failure found other weaknesses in the app, giving people yet another reason to steer clear of it.
The discovery of bugs in Apple chips that could have been exploited to leak secrets from Gmail, iCloud, and other services. The most severe of the bugs is a side channel in a performance enhancement known as speculative execution. Exploitation could allow an attacker to read memory contents that would otherwise be off-limits. An attack of this side channel could be leveraged to steal a target’s location history from Google Maps, inbox content from Proton Mail, and events stored in iCloud Calendar.

Proving that not all major security stories involve bad news, the Signal private messaging app got a major overhaul that will allow it to withstand attacks from quantum computers. As I wrote, the elegance and adeptness that went into overhauling an instrument as complex as the app was nothing short of a triumph. If you plan to click on only one of the articles listed in this article, this is the one.

Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82.

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025 Read More »