Friday, May 2, 2025
HomeSecurity NewsNew ChaiOS "Text Bomb" Bug that can Crash any iPhones, iPads and...

New ChaiOS “Text Bomb” Bug that can Crash any iPhones, iPads and Macs with a Single Link

Published on

SIEM as a Service

Follow Us on Google News

A new bug dubbed chaiOS ” Text Bomb ” can affect iMessage apps on macOS and iOS. On iPhone, a single malicious link can cause the device to crash and with macOS, it kills safari browser.

The bug was discovered by Abraham Masri and it makes the target device to freeze, drain the battery and possibly restart.

He posted the PoC link in GitHub and reported in twitter, at the time of writing the link ends up with 404, seems GitHub administrator removed it.

- Advertisement - Google News

https://twitter.com/cheesecakeufo/status/953401511429726210

9to5mac reported the chaiOS bug and had mixed results “In some instances, sending the link would cause both the sender and recipient’s device to respiring or cause the Messages app to instantly freeze and crash“.

ChaiOS bug tested with iOS 11.1.2, users don’t require to do any installation, all they need to do is simply sending the malicious link in an SMS message.

The flaw resembles Effective Power bug which hits iPhone a few years before. ChaiOS will not make a serious impact as of now, it can be used to play pranks.

Also Read Apple Released a Critical Security Updates for iOS 11.2.1

“I found a (small) bug that causes the device to freeze, respring, drains the battery, and/or sometimes panic,” says Abraham Masri.

No need to install anything. Just open, tap then paste. Here you can see how it works.

Mitigations – Text Bomb

  • Forcing the message app to close and delete the thread.
  • Reddit user “TeCHEyE_RDT” suggested to send a message to yourself and delete the threat.
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series...

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers...

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical...

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme

The Federal Bureau of Investigation (FBI) has issued a warning regarding an emerging scam...

New ‘Waiting Thread Hijacking’ Malware Technique Evades Modern Security Measures

Security researchers have unveiled a new malware process injection technique dubbed "Waiting Thread Hijacking"...

EU’s GDPR Article 7 Poses New Challenges for Businesses To Secure AI-Generated Image Data

As businesses worldwide embrace digital transformation, the European Union’s General Data Protection Regulation (GDPR),...