Security researchers from RSAC have demonstrated a method to manipulate Apple’s local language model, achieving a 76% success rate in prompt injection attacks. The flaw allowed unauthorized access to sensitive data processed by Apple Intelligence, which is deeply embedded in iOS and macOS. This integration makes the AI system a critical target for cyber threats. The discovery highlights the risks of relying on AI models that operate locally without robust security layers.
The attack exploited weaknesses in Apple Intelligence’s prompt handling. Researchers bypassed safeguards by crafting specific inputs that tricked the model into revealing protected information. The demonstration used controlled lab conditions to measure success rates across different attack vectors. Findings showed that even minor tweaks in input phrasing could significantly increase vulnerability exposure.
Apple responded by patching the issue in iOS 26.4 and macOS 26.4, released in March 2026. The updates included stricter input validation and enhanced encryption for data processed by Apple Intelligence. Users who updated their devices within the first week saw a 90% reduction in attack attempts targeting the vulnerability. The rapid response underscores the company’s commitment to addressing security flaws promptly.
Experts warn that prompt injection attacks are becoming more sophisticated. Traditional security measures like firewalls and antivirus software do not fully protect against these threats. Apple’s case shows that AI systems require specialized defenses. The company has since added real-time monitoring to detect unusual prompt patterns in Apple Intelligence.
Source: itavisen.no