from Jim R
Attached is a security newsletter I receive, usually weekly. Some of the information may be of interest to you, especially Apple device and Mac updates, as well as some ChatGPT news.
Jim
PRIVACY & SECURITY
September 19, 2025
EDITOR'S NOTE
Hi Insiders, Cullen here.
Apple has officially rolled out iOS 26, iPadOS 26, macOS 26 Tahoe, and watchOS 26, along with updates for Apple TV, HomePod, and Vision Pro. The updates focus on some aesthetic redesigns that Apple collectively calls Liquid Glass, but in addition, there are also a ton of new features. If you’d like a rundown on what’s new with the update to your iPhone, check out the recording of our live course: Our Top Ten Favorite Features of iOS 26. I’m very excited about some of the privacy and security features! In particular, one new feature should help cut down the number of spam calls, and another will help you remember lost passwords.
What do you think of the redesign? Let us know by emailing security@iphonelife.com or replying to this email.
Cheers, and stay safe out there!
Cullen Thomas,
Senior Instructor at iPhone LifeIN THIS NEWSLETTER
🗒️✅ Your Security Checklist🏆🎖️ Test Your Security Skills📰 Your Weekly Security Update🤨 This Should Be on Your Radar 📡🙈 Security Fail of the Week 👎🍎📱 Security Updates from Apple 🍎
🗒️✅ YOUR SECURITY CHECKLIST
If you take nothing else from this newsletter, do these three things to protect yourself:
Share passwords through the Passwords app. You can create password-sharing groups that allow you to securely share specific passwords with friends or family.Hide notification previews from your Lock Screen. If you don’t want others to be able to see the contents of your notifications, you can disable previews in the Settings app.Limit access to your photos when sharing them with an app. When giving apps access to your photos, you can choose to give access to your entire library or limit access to specific photos.
For a complete list of our top security recommendations, see our course on cybersecurity for Apple enthusiasts.
🏆🎖️ TEST YOUR SECURITY SKILLS
What should you do in the following scenario?
🤔 A new operating system update is available for your iPhone. From a security perspective, should you…
Install it right away.Wait a few months to make sure there aren’t any bugs.Hold off as long as possible to avoid changes to your devices, habits, and apps.
Scroll to the bottom to see how you did!
APPLE OFFICIALLY RELEASES IOS 26 & OTHER UPDATES
On Monday, Apple officially released its latest operating systems, including iOS 26, iPadOS 26, and watchOS 26. These new updates include a ton of new features and, of course, security updates. In addition to the fun stuff like Liquid Glass, Call Screening, and Live Translation, iOS 26 patches a variety of vulnerabilities that could have allowed malicious apps to access your personal data. You can read more about what was fixed in this update on Apple’s Support page.
The Bottom Line: If your devices are compatible, be sure to install the latest updates. New operating systems are not just about introducing cool new features; they also help keep your devices safeguarded against potential cyberattacks.
🤨 THIS SHOULD BE ON YOUR RADAR 📡
OpenAI Wants to Make ChatGPT More Private
OpenAI’s Sam Altman said in a blog post that the company is developing new tools to ensure user privacy when using ChatGPT. The company wants to protect what users tell the chatbot from being accessed by anyone, including OpenAI itself, with the exception of “critical risks,” such as threats of harm to oneself or others. The company is also creating a separate ChatGPT experience for those under 18, ensuring that minors won’t be served content intended for adult users. In some countries, ChatGPT will also ask for an ID if it suspects a user is underage.
The Bottom Line: While OpenAI is continuing to improve ChatGPT’s privacy, the company is currently bound by a court order to retain all chat history, due to an ongoing lawsuit with the New York Times. As such, we’d still recommend that you withhold any private information that you wouldn’t want made public. We don’t fully know yet how these new privacy tools work, and there is a possibility that the company is simply trying to hide the fact that it uses copyrighted material to train its AI by making all material “private.”
Travelling to Europe? New Border Crossing System Keeps Permanent Record of Your Face or Fingerprint
The European Union is set to roll out a new border-crossing system for non-EU citizens. Instead of a border agent merely asking a few questions and stamping your passport, as in the past, the new system will take a record of your face or fingerprints and store them for up to three years, to be referenced on future border crossings. The system, called EES for Entry and Exit System, will also automatically flag travelers who have overstayed their visas. EES is set to start out at external EU border crossings on October 12, 2025, with a plan for it to be fully implemented at all crossings by April 10, 2026. These requirements do not apply to travelers using EU passports.
The Bottom Line: There is no option to opt out of a biometric capture at EU borders. If you are traveling there, expect to have your biometrics recorded. That said, the new system is advertised as much more efficient and will surely result in better record-keeping.
Gucci & Other High-End Brands Targeted in Data Breach
A variety of high-end fashion brands owned by Kering have been hit by a data breach. The affected retailers include Gucci, Balenciaga, and Alexander McQueen, and the stolen data contains customer names, emails, phone numbers, and addresses. Kering says that the hackers did not capture any customer financial information. The hacking group “Shiny Hunters” has claimed responsibility for the attack. Read more at Reuters.
The Bottom Line: If you are a customer at any of Kering’s brands, you should have already been notified of this breach. If you haven’t, you will likely be contacted soon. While login details were not said to be included in the breach, it wouldn’t hurt to update your password as well.
Apple Releases Security Fixes for iOS 15 & 16
Apple hasn’t forgotten older iPads and iPhones. While iOS 18 and iOS 26 have addressed various security flaws, older operating systems were left vulnerable until now. Devices still running iOS 15 and 16 can now install iOS 15.8.5 and 16.7.12 and get the same security fixes that were patched in iOS 18. Read more at Bleeping Computer.
The Bottom Line: If you’re still hanging onto an iPhone or iPad that can’t update past iOS 15 or 16, head over to the Settings app to check for updates and make sure you’ve got the latest operating system.
Nepalis Use Discord Gaming Chat App to Select Interim Prime Minister
In what is surely a world first, citizens of Nepal have overthrown their government, then gotten together in an internet chat room to select an interim leader who will lead democratic elections. The historic chat was hosted on the Discord app, a chat app popular among gamers and other highly online communities.
Discord is a free app. In Discord, you can create free “servers” which let you moderate your own online communities, set rules, invite members, do video calls, etc. Its paid tiers increase the bandwidth and features of your server. As a free service, its policies on privacy and security are not especially good, but it has the benefits of popularity and accessibility. The Columbia Journalism Review has the full story, and it’s an amazing one.
The Bottom Line: As a long-term strategy for democratic governance, Discord is not viable: there are far too many ways that a mere internet chat could be coopted, coerced, or controlled. Paper ballots are a much more secure system (and hopefully the interim prime minister follows through with her promise to hold real elections soon).
US-Based Version of TikTok Coming Soon
It looks like TikTok won’t be banned after all. According to The Wall Street Journal, TikTok will be establishing a US-based company that will operate a separate version of the app, with 80% of the company belonging to US shareholders and the remaining 20% being owned by Chinese shareholders. Additionally, the US government will appoint one member of the new company’s board. Of course, nothing is final at this point, so the terms of this deal could change.
The Bottom Line: Despite this deal, TikTok will likely still have its share of privacy issues, as any social media service would. The only real difference is that now your personal data will be handled by American companies rather than Chinese ones. It’s also a bit concerning that the government will apparently have a say in who is on the company’s board, as that makes it dangerously close to a state-run social media app. We’d recommend staying far away from TikTok, regardless of who owns it.
ChatGPT Developer Beta Contains a Critical Security Flaw
ChatGPT’s developer mode recently added Model Context Protocol (MCP) tool support, which allows the AI chatbot to connect to third-party services, such as your email or calendar. Security Week is reporting that this new feature could potentially be exploited to access a user’s personal data. The vulnerability works by sending a malicious calendar invite, which contains an AI prompt to search the victim’s email inbox and send sensitive data to the attacker’s email. The victim does not even need to accept the invite for the exploit to work.
The Bottom Line: This vulnerability currently only exists in the developer beta of ChatGPT, and now that attention has been brought to it, it will likely be patched when the feature goes live for all users. However, this security flaw demonstrates the risk that comes with allowing AI to access your personal data.
🙈 SECURITY FAIL OF THE WEEK 👎
Google’s Law Enforcement Portal Accessed by Hackers
A hacking group called "Scattered Lapsus$ Hunters" breached Google’s Law Enforcement Request System and was able to create a fraudulent account. As its name suggests, the system is used by law enforcement to make official data requests from Google. According to Google, the hackers did not make any requests, and the company was quick to disable the account. Still, this incident is sure to raise concerns that hackers could potentially impersonate law enforcement and compromise Google users’ data. Read more at Bleeping Computer.
The Bottom Line: This is likely a one-off incident, and Google has more than likely already taken action to ensure that whatever methods the hackers used cannot be used again. Still, it’s important to ensure your Google account is secured with a strong password and multi-factor authentication.
Related: How to Set Up Two-Factor Authentication with Gmail
🍎📱 SECURITY UPDATES FROM APPLE 🍎
Everything you need to know about Apple’s latest software updates.
The most recent iOS and iPadOS is 26The most recent macOS is 26.1The most recent tvOS is 26The most recent watchOS is 26.1The most recent visionOS is 26
Read about the latest updates from Apple.
SECURITY SKILLS ANSWER
From a security perspective, the correct answer is probably A: get it right away. Apple has been pretty good lately about fixing all the serious bugs with its operating system updates before they reach the public. That said, waiting a little while before updating can be a reasonable precaution. Just don’t wait forever. Keeping your devices up to date is like changing the oil in your car: a necessary maintenance task. Plus, you get a bunch of new features!
MISSION STATEMENT
There is far too much security and privacy news to cover it all. When building this newsletter, we look for scams, hacks, trouble, and news to illustrate the kinds of problems Apple enthusiasts may encounter in our private lives, and the self-defense we can practice to keep our devices, accounts, and lives secure. Our commentary focuses on practical advice for everyday people. This newsletter was written by Cullen Thomas and Rhett Intriago and edited by August Garry.
NEXT STEPS
For a complete list of our top security recommendations, see our course on cybersecurity for tech enthusiasts.
Confused about password managers? Check out:
Best Password Manager for Your iPhoneHow to Make a Strong Password & Things to Avoid
Did we help with your security concerns?
With your feedback, we can improve this security newsletter. Let us know how we did:
👍 Yes, this definitely helps me with my security😐 Some of the content is helpful to me👎 No, I didn’t find this newsletter helpful
Follow iPhone Life
Copyright © 2025 Mango Life Media LLC. All Rights Reserved.
Mac, iPad, iPhone, Apple TV, Apple Watch, AirPods, macOS, iPadOS, iOS, watchOS, and Apple are all trademarks of Apple, Inc.
You have opted in to receive this email from iPhone Life magazine: Insider Daily Email
To stop receiving these emails, you may:Mango Life Media LLC | 2280 W Tyler Ave Suite 205 | Fairfield, IA 52556