Apple fixes scary Vision Pro bug that allowed hackers to fill your virtual room with spiders

2025-04-27 23:24:22admin

Apple has fixed a visionOS vulnerability that allowed a hacker to fill a Vision Pro user's virtual space with 3D animated objects.

When spelled out like this, it doesn't sound that scary, but replaced "3D animated objects" with spiders, bats, snakes, or anything else that scares you, and you've got yourself one of the most intriguing and ominous bugs we've ever heard of.

SEE ALSO: Apple reportedly gives up on Vision Pro 2, focusing on cheaper model instead

The vulnerability for was discovered by Ryan Pickren, an independent researcher who already found a couple of bugs in Apple's software, including nasty iPhone and Mac camera issues. Pickren told Mashable via email that he believes the bug he'd found in visionOS allows for the first "spatial computing" hack. He also said that Apple awarded him a bounty for finding and describing the issue.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

The bug stems from the way visionOS handles apps that can spawn 3D objects in your virtual space while you're using the Vision Pro. As Pickren explained on his blog, the company severely restricted who and what can do this in most cases, but "forgot" about an older, web-based 3D model viewing standard called Apple AR Kit Quick Look. By adding some simple code to a website, a hacker could bypass Apple's restrictions and launch "an arbitrary number of 3D, animated, sound-creating, objects without any user interaction whatsoever."

GET US OUT OF HERE Credit: Ryan Pickren

Pickren supplied some examples by tapping into a lot of folks' worst nightmares: by adding virtual spiders and bats into a Vision Pro user's virtual space.