Remote CarPlay Hack Puts Drivers at Risk of Distraction and Surveillance - SecurityWeek

Researchers disclosed a remote CarPlay hack exploiting vulnerabilities in Apple’s AirPlay protocol, allowing attackers to spy on drivers or distract them. The attack targets the iAP2 protocol used by CarPlay for wireless connections, enabling hackers to impersonate iPhones, obtain Wi-Fi credentials, and exploit a patched AirPlay SDK vulnerability for remote code execution. Although Apple patched the vulnerability, many car manufacturers have yet to integrate it, leaving vehicles exposed.