[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"nav-categories":3,"article-veritasium-just-exposed-a-serious-apple-pay-vulnerability-that-lets-thieves-drain-locked-iphones":70},{"data":4},[5,37,57,64],{"name":6,"slug":7,"categories":8},"Productivity","productivity",[9,13,17,21,25,29,33],{"id":10,"title":11,"slug":12},17,"Branding","branding",{"id":14,"title":15,"slug":16},19,"Marketing","marketing",{"id":18,"title":19,"slug":20},20,"Work","work",{"id":22,"title":23,"slug":24},34,"Community","community",{"id":26,"title":27,"slug":28},21,"For newbies","for-newbies",{"id":30,"title":31,"slug":32},24,"Investment","investment",{"id":34,"title":35,"slug":36},22,"Finance","finance",{"name":38,"slug":39,"categories":40},"Tech","tech",[41,45,49,53],{"id":42,"title":43,"slug":44},28,"Technology","technology",{"id":46,"title":47,"slug":48},32,"Artificial Intelligence","artificial-intelligence",{"id":50,"title":51,"slug":52},26,"Security and protection","security-and-protection",{"id":54,"title":55,"slug":56},31,"YouTube Blog","youtube-blog",{"name":58,"slug":59,"categories":60},"News","news",[61],{"id":62,"title":58,"slug":63},18,"quasanews",{"name":65,"slug":66,"categories":67},"Business","business",[68],{"id":69,"title":65,"slug":66},16,{"post":71,"published_news":96,"popular_news":152,"categories":223},{"title":72,"description":73,"meta_title":72,"meta_description":74,"meta_keywords":73,"text":75,"slug":76,"created_at":77,"publish_at":78,"formatted_created_at":79,"category_id":42,"links":80,"view_type":85,"video_url":86,"views":87,"likes":88,"lang":89,"comments_count":88,"category":90},"Veritasium Just Exposed a Serious Apple Pay Vulnerability That Lets Thieves Drain Locked iPhones","A new video from Derek Muller (Veritasium) has gone viral for all the wrong reasons.","no Face ID, no passcode entered — while an attacker uses a custom device to steal $10,000 through Apple Pay in a matter of seconds","\u003Cp>A new video from Derek Muller (Veritasium) has gone viral for all the wrong reasons. In it, Marques Brownlee (MKBHD) stands with his iPhone completely locked — no Face ID, no passcode entered — while an attacker uses a custom device to steal \u003Cstrong>$10,000\u003C/strong> through Apple Pay in a matter of seconds.\u003C/p>\n\n\u003Cp>The vulnerability has existed since at least \u003Cstrong>2021\u003C/strong>.\u003C/p>\n\n\u003Ch4>\u003Cstrong>How the Attack Works\u003C/strong>\u003C/h4>\n\n\u003Cp>The exploit is a sophisticated \u003Cstrong>relay attack\u003C/strong> (also known as a man-in-the-middle attack on NFC):\u003C/p>\n\n\u003Col>\n\t\u003Cli>The attacker places a custom relay device between the victim’s iPhone and a real payment terminal (or a fake one).\u003C/li>\n\t\u003Cli>The device intercepts and forwards NFC communication in real time.\u003C/li>\n\t\u003Cli>Because of design choices made for compatibility and convenience, the iPhone approves the transaction \u003Cstrong>without ever being unlocked\u003C/strong>.\u003C/li>\n\u003C/ol>\n\n\u003Cp>\u003Cstrong>\u003Cpicture>\u003Csource srcset=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142201485.webp\" type=\"image/webp\">\u003Cimg alt=\"Veritasium Just Exposed a Serious Apple Pay Vulnerability That Lets Thieves Drain Locked iPhones\" class=\"image-align-right\" height=\"447\" src=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142201485.jpg\" width=\"300\" />\u003C/picture>Key factors that make this possible:\u003C/strong>\u003C/p>\n\n\u003Cul>\n\t\u003Cli>\u003Cstrong>Unencrypted communication\u003C/strong> between the phone and terminal (needed for global compatibility with millions of older terminals).\u003C/li>\n\t\u003Cli>\u003Cstrong>iOS feature\u003C/strong> that allows Apple Pay transactions without unlocking the device — originally introduced for fast transit payments (subway, bus, etc.).\u003C/li>\n\t\u003Cli>\u003Cstrong>Flawed terminal logic\u003C/strong> — many payment terminals (especially transit ones) only ask the card “Is this a small amount?” instead of verifying the exact sum.\u003C/li>\n\t\u003Cli>\u003Cstrong>iOS trusts the terminal’s estimate\u003C/strong> — unlike Samsung phones, which independently verify the requested amount and block suspicious transactions.\u003C/li>\n\t\u003Cli>\u003Cstrong>Visa-specific weakness\u003C/strong> in how some transit systems handle authorization (the attack reportedly doesn’t work the same way with Mastercard).\u003C/li>\n\u003C/ul>\n\n\u003Cp>All these pieces must align for the attack to succeed, but as the video dramatically shows, it’s entirely realistic in targeted scenarios.\u003C/p>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>The Blame Game\u003C/strong>\u003C/h4>\n\n\u003Cp>\u003Cpicture>\u003Csource srcset=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142204688.webp\" type=\"image/webp\">\u003Cimg alt=\"Veritasium Just Exposed a Serious Apple Pay Vulnerability That Lets Thieves Drain Locked iPhones\" class=\"image-align-left\" height=\"223\" src=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142204688.jpg\" width=\"150\" />\u003C/picture>Both Apple and Visa have known about variants of this issue for years.\u003C/p>\n\n\u003Cul>\n\t\u003Cli>Apple reportedly told researchers it’s a Visa problem.\u003C/li>\n\t\u003Cli>Visa’s position is that it’s cheaper and simpler to handle chargebacks and refunds than to overhaul its payment architecture and encryption standards across millions of terminals worldwide.\u003C/li>\n\u003C/ul>\n\n\u003Cp>In other words: nobody wants to fix the root cause because it’s expensive and inconvenient.\u003C/p>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>Why This Matters\u003C/strong>\u003C/h4>\n\n\u003Cp>\u003Cpicture>\u003Csource srcset=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142202960.webp\" type=\"image/webp\">\u003Cimg alt=\"Veritasium Just Exposed a Serious Apple Pay Vulnerability That Lets Thieves Drain Locked iPhones\" class=\"image-align-right\" height=\"402\" src=\"https://cdn.quasa.io/photos/0001/image-2026-05-06t142202960.jpg\" width=\"270\" />\u003C/picture>This isn’t just a theoretical research vulnerability. The Veritasium video proves it works in practice against a real locked iPhone in 2025/2026. Anyone carrying their primary payment method in their pocket could be at risk in crowded places — subways, events, streets — especially if an attacker has a targeted setup.\u003C/p>\n\n\u003Cp>Apple has made some improvements over the years (Express Transit mode can be toggled, Express Cards have limits, etc.), but the core architectural issues remain.\u003C/p>\n\n\u003Cp>Also read:\u003C/p>\n\n\u003Cul>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/why-does-starbucks-call-its-sizes-tall-grande-and-venti-instead-of-small-medium-and-large\">Why Does Starbucks Call Its Sizes Tall, Grande, and Venti Instead of Small, Medium, and Large?\u003C/a>\u003C/li>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/teledildonics-how-hackers-are-literally-screwing-with-your-sex-life\">Teledildonics: How Hackers Are Literally Screwing With Your Sex Life\u003C/a>\u003C/li>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/the-10-million-deal-that-turned-crocs-into-a-fashion-empire-the-untold-story-of-jibbitz\">The $10 Million Deal That Turned Crocs Into a Fashion Empire: The Untold Story of Jibbitz\u003C/a>\u003C/li>\n\u003C/ul>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>What You Can Do Right Now\u003C/strong>\u003C/h4>\n\n\u003Cul>\n\t\u003Cli>Turn off \u003Cstrong>Express Transit\u003C/strong> mode when not needed.\u003C/li>\n\t\u003Cli>Use a strong passcode and enable \u003Cstrong>Stolen Device Protection\u003C/strong>.\u003C/li>\n\t\u003Cli>Consider adding a secondary card with low limits for daily use.\u003C/li>\n\t\u003Cli>For high-value protection, some users are switching certain payments to cards or phones with stronger amount verification (Samsung, newer Google Pixel in some regions).\u003C/li>\n\u003C/ul>\n\n\u003Cp>The Veritasium video is a masterclass in security research communication — clear, dramatic, and deeply concerning. It shows once again that in the world of contactless payments, convenience and security are still in tension, and sometimes convenience wins.\u003C/p>\n\n\u003Cp>\u003Ca href=\"https://www.youtube.com/watch?v=PPJ6NJkmDAo\">Watch the full video here: Veritasium — The $10,000 Apple Pay Hack\u003C/a>\u003C/p>\n\n\u003Cp>Your locked iPhone may not be as safe as you think.\u003C/p>","veritasium-just-exposed-a-serious-apple-pay-vulnerability-that-lets-thieves-drain-locked-iphones","2026-05-06T12:23:38.000000Z","2026-05-17T11:15:00.000000Z","17.05.2026",{"image":81,"image_webp":82,"thumb":83,"thumb_webp":84},"https://cdn.quasa.io/images/news/zHltLMJA6VZ6ZNKIG6c6hooZB9m3EnIOPMvPfRZ4.jpg","https://cdn.quasa.io/images/news/zHltLMJA6VZ6ZNKIG6c6hooZB9m3EnIOPMvPfRZ4.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/zHltLMJA6VZ6ZNKIG6c6hooZB9m3EnIOPMvPfRZ4.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/zHltLMJA6VZ6ZNKIG6c6hooZB9m3EnIOPMvPfRZ4.webp","small",null,9,0,"en",{"id":42,"title":43,"slug":44,"meta_title":91,"meta_description":92,"meta_keywords":93,"deleted_at":86,"created_at":94,"updated_at":95,"lang":89},"Technology | AI Breakthroughs and Fresh News | QUASA","All the most interesting and useful about technologies. Exclusive articles from technologies you won't find anywhere else.","Technology, tech, business, ai, gadget, gadgets, life hacks","2023-03-23T08:15:32.000000Z","2026-04-22T15:05:32.000000Z",[97,101,113,126,139],{"title":72,"description":73,"slug":76,"created_at":77,"publish_at":78,"formatted_created_at":79,"category":98,"links":99,"view_type":85,"video_url":86,"views":87,"likes":88,"lang":89,"comments_count":88,"is_pinned":100},{"title":43,"slug":44},{"image":81,"image_webp":82,"thumb":83,"thumb_webp":84},false,{"title":102,"description":103,"slug":104,"created_at":105,"publish_at":106,"formatted_created_at":79,"category":107,"links":108,"view_type":85,"video_url":86,"views":14,"likes":88,"lang":89,"comments_count":88,"is_pinned":100},"SAP Blocks Open-Source AI Agents from Accessing Its Systems","In a move that has sent ripples through the enterprise AI community, German software giant SAP has begun actively blocking unauthorized open-source AI agents from extracting data from its core business applications.","sap-blocks-open-source-ai-agents-from-accessing-its-systems","2026-05-06T11:36:18.000000Z","2026-05-17T09:28:00.000000Z",{"title":58,"slug":63},{"image":109,"image_webp":110,"thumb":111,"thumb_webp":112},"https://cdn.quasa.io/images/news/sQ9hEOff2YGkc4AJkWgLpDpCFbo5tERJ0SKZvKFm.jpg","https://cdn.quasa.io/images/news/sQ9hEOff2YGkc4AJkWgLpDpCFbo5tERJ0SKZvKFm.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/sQ9hEOff2YGkc4AJkWgLpDpCFbo5tERJ0SKZvKFm.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/sQ9hEOff2YGkc4AJkWgLpDpCFbo5tERJ0SKZvKFm.webp",{"title":114,"description":115,"slug":116,"created_at":117,"publish_at":118,"formatted_created_at":79,"category":119,"links":120,"view_type":85,"video_url":86,"views":125,"likes":88,"lang":89,"comments_count":88,"is_pinned":100},"Peter Thiel Leads $140 Million Bet on Floating AI Data Centers Powered by Ocean Waves","Peter Thiel, co-founder of PayPal and Palantir, has just placed one of the most audacious bets yet in the AI infrastructure race.","peter-thiel-leads-140-million-bet-on-floating-ai-data-centers-powered-by-ocean-waves","2026-05-06T11:23:14.000000Z","2026-05-17T06:17:00.000000Z",{"title":31,"slug":32},{"image":121,"image_webp":122,"thumb":123,"thumb_webp":124},"https://cdn.quasa.io/images/news/b0xnrkeYGiXpWYXi5Vx0heMtg3QLQsLb3O8EJeZ5.jpg","https://cdn.quasa.io/images/news/b0xnrkeYGiXpWYXi5Vx0heMtg3QLQsLb3O8EJeZ5.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/b0xnrkeYGiXpWYXi5Vx0heMtg3QLQsLb3O8EJeZ5.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/b0xnrkeYGiXpWYXi5Vx0heMtg3QLQsLb3O8EJeZ5.webp",38,{"title":127,"description":128,"slug":129,"created_at":130,"publish_at":131,"formatted_created_at":79,"category":132,"links":133,"view_type":85,"video_url":86,"views":138,"likes":88,"lang":89,"comments_count":88,"is_pinned":100},"The Six Stages Every Company Goes Through to Become Truly AI-Native","Becoming an AI-native company is not about buying the latest model or running a few pilots. It’s a painful, unavoidable evolutionary path that every organization must climb — one stage at a time.","the-six-stages-every-company-goes-through-to-become-truly-ai-native","2026-05-06T11:09:47.000000Z","2026-05-17T03:02:00.000000Z",{"title":19,"slug":20},{"image":134,"image_webp":135,"thumb":136,"thumb_webp":137},"https://cdn.quasa.io/images/news/WaMH2nCgqbQuOISRzkbJLVsyYm7xIKAXj7yuxs3R.jpg","https://cdn.quasa.io/images/news/WaMH2nCgqbQuOISRzkbJLVsyYm7xIKAXj7yuxs3R.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/WaMH2nCgqbQuOISRzkbJLVsyYm7xIKAXj7yuxs3R.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/WaMH2nCgqbQuOISRzkbJLVsyYm7xIKAXj7yuxs3R.webp",57,{"title":140,"description":141,"slug":142,"created_at":143,"publish_at":143,"formatted_created_at":144,"category":145,"links":146,"view_type":85,"video_url":86,"views":151,"likes":88,"lang":89,"comments_count":88,"is_pinned":100},"The Most Reliable Way to 10x Your Money on Pre-IPO Plays, 100% Certified Info","For a lot of people who thought they had cleverly bought pre-IPO exposure, this means they legally own approximately jack shit.","the-most-reliable-way-to-10x-your-money-on-pre-ipo-plays-100-certified-info","2026-05-16T18:57:42.000000Z","16.05.2026",{"title":31,"slug":32},{"image":147,"image_webp":148,"thumb":149,"thumb_webp":150},"https://cdn.quasa.io/images/news/9SJ3GvpfSjwvIX0Xb5VeS6BA0EI0j8lhQI6PkzAj.jpg","https://cdn.quasa.io/images/news/9SJ3GvpfSjwvIX0Xb5VeS6BA0EI0j8lhQI6PkzAj.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/9SJ3GvpfSjwvIX0Xb5VeS6BA0EI0j8lhQI6PkzAj.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/9SJ3GvpfSjwvIX0Xb5VeS6BA0EI0j8lhQI6PkzAj.webp",97,[153,166,182,194,209],{"title":154,"description":155,"slug":156,"created_at":157,"publish_at":158,"formatted_created_at":159,"category":160,"links":161,"view_type":85,"video_url":86,"views":164,"likes":165,"lang":89,"comments_count":88,"is_pinned":100},"The Anatomy of an Entrepreneur","Entrepreneur is a French word that means an enterpriser. Enterprisers are people who undertake a business or enterprise with the chance of earning profits or suffering from loss.","the-anatomy-of-an-entrepreneur","2021-08-04T15:18:21.000000Z","2025-12-14T06:09:00.000000Z","14.12.2025",{"title":65,"slug":66},{"image":162,"image_webp":86,"thumb":163,"thumb_webp":163},"https://cdn.quasa.io/images/news/mVsXPTMuHZuI7UXCsENgL1Qwp1uSOf7Rz3uVPMfm.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/mVsXPTMuHZuI7UXCsENgL1Qwp1uSOf7Rz3uVPMfm.webp",74463,2,{"title":167,"description":168,"slug":169,"created_at":170,"publish_at":171,"formatted_created_at":172,"category":173,"links":174,"view_type":179,"video_url":86,"views":180,"likes":181,"lang":89,"comments_count":88,"is_pinned":100},"Advertising on QUASA","QUASA MEDIA is read by more than 400 thousand people a month. We offer to place your article, add a link or order the writing of an article for publication.","advertising-on-quasa","2022-07-06T07:33:02.000000Z","2025-12-15T17:33:02.000000Z","15.12.2025",{"title":58,"slug":63},{"image":175,"image_webp":176,"thumb":177,"thumb_webp":178},"https://cdn.quasa.io/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.jpg","https://cdn.quasa.io/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.webp","large",74288,4,{"title":183,"description":184,"slug":185,"created_at":186,"publish_at":187,"formatted_created_at":188,"category":189,"links":190,"view_type":85,"video_url":86,"views":193,"likes":181,"lang":89,"comments_count":88,"is_pinned":100},"What is a Startup?","A startup is not a new company, not a tech company, nor a new tech company. You can be a new tech company, if your goal is not to grow high and fast; then, you are not a startup. ","what-is-a-startup","2021-08-04T12:05:17.000000Z","2025-12-17T13:02:00.000000Z","17.12.2025",{"title":65,"slug":66},{"image":191,"image_webp":86,"thumb":192,"thumb_webp":192},"https://cdn.quasa.io/images/news/EOsQhSW3VXyG7a6NPdE1oZd00xfJXe3bjY5aJGb7.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/EOsQhSW3VXyG7a6NPdE1oZd00xfJXe3bjY5aJGb7.webp",71775,{"title":195,"description":196,"slug":197,"created_at":198,"publish_at":199,"formatted_created_at":200,"category":201,"links":202,"view_type":85,"video_url":86,"views":207,"likes":165,"lang":89,"comments_count":208,"is_pinned":100},"Top 5 Tips to Make More Money as a Content Creator","Content creators are one of the most desired job titles right now. Who wouldn’t want to earn a living online?","top-5-tips-to-make-more-money-as-a-content-creator","2022-01-17T17:31:51.000000Z","2026-01-17T11:30:00.000000Z","17.01.2026",{"title":19,"slug":20},{"image":203,"image_webp":204,"thumb":205,"thumb_webp":206},"https://cdn.quasa.io/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.jpg","https://cdn.quasa.io/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.webp",45496,1,{"title":210,"description":211,"slug":212,"created_at":213,"publish_at":214,"formatted_created_at":215,"category":216,"links":217,"view_type":179,"video_url":86,"views":222,"likes":165,"lang":89,"comments_count":88,"is_pinned":100},"8 Logo Design Tips for Small Businesses","Your logo tells the story of your business and the values you stand for.","8-logo-design-tips-for-small-businesses","2021-12-04T21:59:52.000000Z","2025-05-05T03:30:00.000000Z","05.05.2025",{"title":15,"slug":16},{"image":218,"image_webp":219,"thumb":220,"thumb_webp":221},"https://cdn.quasa.io/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.jpg","https://cdn.quasa.io/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.webp","https://cdn.quasa.io/thumbs/news-thumb/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.jpg","https://cdn.quasa.io/thumbs/news-thumb/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.webp",44381,[224,225,226,227,228,229,230,231,232,233,234,235,236],{"title":23,"slug":24},{"title":47,"slug":48},{"title":55,"slug":56},{"title":43,"slug":44},{"title":51,"slug":52},{"title":31,"slug":32},{"title":35,"slug":36},{"title":27,"slug":28},{"title":19,"slug":20},{"title":15,"slug":16},{"title":58,"slug":63},{"title":11,"slug":12},{"title":65,"slug":66}]