Dark Cherry leads the lineup with a classy, bold look.


Image: Foundry

It’s iPhone leaks season again. In just a couple of months, Apple is expected to unveil three new phones: the iPhone 18 Pro and 18 Pro Max, and a new foldable iPhone now rumored to be called the iPhone Ultra. But as always, one of the most important questions for buyers will be, What colors will Apple release this time?

Like last year, Macworld has received information from a source familiar with Apple’s supply chain regarding the color options for the iPhone 18 lineup. We can now reveal an inside look at the colors Apple is planning to release in 2026, along with our own renders to show what to expect.

Dark Cherry is the hot new trend

Every year, Apple introduces a new signature color for the iPhone Pro models. With the iPhone 17 Pro, the color that stood out the most was the vibrant Cosmic Orange. What about this year’s models?

While other sources have previously reported on a “Dark Red” color, the information we’ve heard suggests that Apple has been working on a Dark Cherry option to serve as the headline new color for the iPhone 18 Pro and iPhone 18 Pro Max. Previously, Bloomberg’s Mark Gurman and other leakers had suggested that Apple has been experimenting with a shade of red for this year’s phones, but we can reveal the hue will be much closer to wine than fruit punch.

While Dark Cherry color won’t be as bright and striking as Cosmic Orange in person, it will still be unique enough to distinguish it as the new iPhone 18 Pro. As always, Apple is expected to discontinue the current lineup of colors, including Cosmic Orange.


The iPhone 18 Pro could come in three all-new colors. Image: Foundry

Apple has also been reportedly experimenting with two other new color options for this year’s Pro lineup. One of them is Light Blue, which would resemble the current Mist Blue color of the base iPhone 17. The other color in development is a dark shade of gray. Finally, our source also reports on the existence of a silver variant of the iPhone 18 Pro, similar to the current generation.

Once again, our source notes that the colors are all in development, but since the iPhone 18 Pro hasn’t gone into mass production yet, Apple still has time to change them. Also, bear in mind that Apple doesn’t always offer four color options for the Pro models, so one of these hues could be dropped.

Last year, both Macworld and the reliable leaker Sonny Dickson reported that Apple had also considered launching the iPhone 17 Pro in black or steel gray. However, those color options never saw the light of day.

Here are the Pantone color codes our says are being used internally by Apple:

   • Light Blue (Pantone 2121)

   • Dark Cherry (Pantone 6076)

   • Dark Gray (Pantone 426C)

   • Silver (Pantone 427C)

We used these codes to generate the image above. Of course, colors may look a bit different in real life due to the material and lighting conditions.

A very familiar design with minor changes

Macworld’s sources also had access to the CAD drawings of the new iPhones. These documents support the rumors that the iPhone 18 Pro and iPhone 18 Pro Max will look very similar to their predecessors, with only minor changes.

Most notably, the renders show a smaller Dynamic Island on the screen, which has been rumored to be one of the changes for this year’s models. This means the display will have more screen space for content when the Dynamic Island isn’t showing Live Activities.


The Dynamic Island could be smaller on the iPhone 18 Pro. Image:Foundry

Another interesting change noted by our source is that, in one of the renders, the gap between the glass cutout on the back and the camera bump is a bit smaller. Our source was unable to verify whether this is an old render, or if Apple is moving forward with a design change.

Last year, a Weibo leaker known as Instant Digital reported that Apple would adopt a new process to minimize the color difference between the glass and the aluminum frame, so perhaps that change also involves reducing the gap between the glass and the camera bump at some point.

More neutral colors for the foldable iPhone

We’ve also received details about the color options for the rumored foldable iPhone. The device, which will reportedly look like an iPad mini when unfolded, won’t come in fun colors like the base iPhone and may have even fewer options than the iPhone Pro.

For the foldable iPhone, Apple has been working on a classic silver and white model, as well as an Indigo option similar to the iPhone 17 Pro’s Deep Blue.


The iPhone Fold will reportedly come in a dark Indigo option. Image:Foundry

The source also corroborates leaked CADs and renders showing the potential design of the foldable iPhone, which is expected to feature two rear cameras, a selfie camera on the outer display, and another selfie camera in the upper-left corner of the inner display. The schematics seen by our source reveal that the foldable iPhone will be just 4.7 millimeters thick when unfolded, making it significantly thinner than the 5.6mm iPhone Air.

The iPhone 18 Pro, 18 Pro Max, and the foldable iPhone are all expected to launch in September, while some analysts suggest that the foldable model will hit stores at a later date. The base model of the iPhone 18, the iPhone 18e, and a new Air have been rumored to arrive in the first half of 2027, which has also been confirmed by our source.

source

Tim Cook to retire as Apple CEO in September 2026, with John Ternus stepping in after a historic era of growth with big shoes to fill.

We have been hearing for the past few months that Apple is preparing for CEO Tim Cook's retirement. Rumors had noted that the next CEO would be John Ternus, Senior VP of Hardware Engineering, but that the transition may not happen in 2026. Well, the rumors were partially true, as Cook is indeed stepping down from his role, and it is happening later this year after all.

Apple has announced that Tim Cook will be retiring as Apple CEO on September 1, 2026. Until that time, he will work with Ternus to ensure a smooth transition. After that date passes, Cook will take on the role of executive chairman, the current non-executive chairman Arthur Levinson will become lead independent director, and Ternus will also join the board of directors. All these changes have been unanimously approved by the current board.

Cook is quoted as saying:

It has been the greatest privilege of my life to be the CEO of Apple and to have been trusted to lead such an extraordinary company. I love Apple with all of my being, and I am so grateful to have had the opportunity to work with a team of such ingenious, innovative, creative, and deeply caring people who have been unwavering in their dedication to enriching the lives of our customers and creating the best products and services in the world. John Ternus has the mind of an engineer, the soul of an innovator, and the heart to lead with integrity and with honor. He is a visionary whose contributions to Apple over 25 years are already too numerous to count, and he is without question the right person to lead Apple into the future. I could not be more confident in his abilities and his character, and I look forward to working closely with him on this transition and in my new role as executive chairman.

John Ternus certainly has big shoes to fill as the successor to Cook. As a reminder, Tim Cook became Apple CEO back in 2011 following Steve Jobs' rapid decline in health. Cook had already been at Apple since 1998, but after becoming CEO, he took the company from a market cap of $350 billion to $4 trillion. Its revenue for the fiscal year of 2025 was $416 billion, which is almost 4x the $108 billion reported in 2011. This is spearheaded by the launch of new devices and categories such as Apple Watch, AirPods, iCloud, Apple Pay, Apple TV, and Apple Music, along with continued innovation with the iPhone.

Meanwhile, Ternus is also an Apple veteran who joined the firm in 2001. He steadily rose to the ranks of VP of Hardware Engineering in 2013 and then SVP of the same division in 2021, at which point he also became a member of the executive team. He is also credited as being "instrumental" in the launch of several generations of iPhone, iPad, AirPods, Mac, Apple Watch, and more. It will be interesting to see how quickly he settles into his new role as Apple's head honcho.

source

Enforcement action launched after evidence suggests child sexual abuse material being shared on Telegram and teen chat sites being used by predators to groom children

Ofcom has launched an investigation into Telegram under the UK’s Online Safety Act, to examine whether it is complying with its duties to prevent child sexual abuse material being shared.

The UK’s online safety watchdog has also opened investigations into Teen Chat and Chat Avenue to examine whether they are meeting their duties to prevent children from the risk of being groomed by predators.

Additionally, we have provided updates on file-sharing services that are now either using hash-matching technology to detect and swiftly remove child sexual abuse material (CSAM) or have taken steps to prevent people in the UK from accessing their sites. 

Suzanne Cater, Director of Enforcement at Ofcom, said: “Child sexual exploitation and abuse causes devastating harm to victims, and making sure sites and apps tackle this is one of our highest priorities. It’s why we work so closely with partners in law enforcement and child protection organisations to identify where these harms are occurring and hold providers to account where they’re failing to meet their obligations.

“Progress has undeniably been made, particularly with file-sharing services, which are too often used to share horrific child sexual abuse imagery. But this problem extends to big platforms too, and teen-focused chat services are too easily being used by predators to groom children. These firms must do more to protect children, or face serious consequences under the Online Safety Act.”

CSAM on Telegram

It is illegal in the UK to share or be in possession of CSAM. Under the UK’s Online Safety Act, providers of ‘user-to-user’ services are required to assess and mitigate the risk of this horrific crime being perpetrated on their platforms.[1]

We work closely with law enforcement agencies and other organisations to identify platforms that are particularly susceptible to being used by offenders for the sharing of image-based CSAM.

We received evidence from the Canadian Centre for Child Protection regarding the alleged presence and sharing of child sexual abuse material on Telegram, and carried out our own assessment of the platform. In light of this, we have decided to open an investigation to examine whether Telegram has failed, or is failing, to comply with its duties in relation to illegal content. 

Grooming on teen chat sites

The sexual exploitation and abuse of children online has devastating consequences for those affected. Online grooming crimes against children can include coercing a child to send sexual images of themselves, sexual extortion, and arranging in-person sexual abuse of a child.

Ofcom works with child protection agencies to identify services that present particular risks of grooming. This work has raised concerns about the risk to children on two chat services called Teen Chat and Chat Avenue, which have open chatrooms, private messaging, profile creation and media sharing functionalities.

Ofcom has engaged with representatives of the providers of these services to try and address these concerns. However, we remain unsatisfied as to whether they are providing adequate protection to UK children from the risk of grooming.

We have therefore opened investigations into whether the providers of Teen Chat and Chat Avenue are taking appropriate steps to assess and mitigate the risk of UK users encountering illegal content and activity, including grooming. The investigation into Chat Avenue will also consider whether the provider is taking adequate steps to prevent children from encountering harmful content, including pornography, on the site.

CSAM is being tackled on file-sharing services

When duties under the Act came into effect last year, we immediately launched enforcement action to assess the safety measures being taken by file-sharing providers to prevent offenders from disseminating CSAM on their services.

As part of this work, we became concerned that the provider of file-sharing service [color=blue[Pixeldrain[/color] had not taken appropriate measures to assess and mitigate this risk.

In response to us raising our concerns with them, the provider of Pixeldrain made material improvements to its Illegal Content Risk Assessment and implemented perceptual hash matching – an automated tool that can detect and swiftly remove CSAM.

We have also today closed our investigation into file-sharing service Yolobit, which has taken steps to make itself unavailable to people in the UK.

This follows on from five other file-sharing providers taking steps to make their services unavailable to UK users after we launched enforcement proceedings against them, and two other services deploying hash matching as a direct result of our action.

Ofcom’s investigation process

The Online Safety Act sets out the process Ofcom must follow when investigating a company and deciding whether it has failed to comply with its legal obligations.[2]

Our first step is to gather and analyse evidence to determine whether a breach has occurred. If, based on that evidence, we consider that a compliance failure has taken place, we will issue a provisional decision to the company, who will then have an opportunity to respond to our findings in full, as required by the Act, before we make our final decision.

We will provide updates on our investigations as soon as possible.

Enforcement powers

If we find that a company has broken the law, we can require it to take specific steps to come into compliance or to remedy harm caused by the breach. We can also impose fines of up to £18 million or 10% of qualifying worldwide revenue, whichever is greater.

In the most serious cases of ongoing non-compliance, we can make an application to a court for ‘business disruption measures’, through which a court could impose an order requiring payment providers or advertisers to withdraw their services from a platform, or requiring internet service providers to block access to a site in the UK.

UK jurisdiction

As in other industries, companies that provide an online service to people in the UK must comply with UK laws. The Online Safety Act is concerned with protecting people in the UK. It does not require platforms to restrict what people in other countries can see.



1. User-to-user services are where people may encounter content – including images, videos, messages or comments – that has been generated, uploaded or shared by other users. Schedule 6 of the Online Safety Act explains the child sexual exploitation and abuse offences that are priority offences under the Act.

2.    Our Online Safety Enforcement Guidance can be found here.

3.    More information on jurisdiction is available here.

source

Windows never had a consistent design language. It’s largely due to how it’s built, but also because Microsoft doesn’t really stick to one idea or even a framework. However, things might soon get better, as Microsoft confirmed it’s going after every design element in the OS, including the “Installing Windows 11” screen, which rarely appears.

If you can’t recall the “Installing Windows 11” screen, take a look at the screenshot below.



The above “Installing Windows 11” screen appears only when you try to reinstall the operating system using the Media Creation Tool or setup.exe found in an ISO file. Now, the interface isn’t necessarily bad, and it’s actually a non-issue, but it’s one of the UIs that doesn’t align with Windows 11’s overall design direction.

Microsoft has already confirmed that it’s focused on the design aspect of Windows 11 and is going after all UI elements. But you wouldn’t expect the company to address less-used UI surfaces like the “Installing Windows 11” screen, right? Well, to my surprise, Microsoft’s design director says the company also has plans to redesign the Windows installation screen.

“This screen is on our craft list. It’s very rarely seen, so we’ve prioritized other UI craft projects above it, but we’ll get there,” March wrote in a post on X.

It might not sound like a big deal, but it’s actually a very interesting move. Microsoft has never truly cared about the design of core components, let alone less-used UI surfaces like the “Installing Windows 11” screen.

Windows 11 still has a lot of legacy UI features

Windows 11’s design has definitely gotten better over time, but you can still run into legacy components. For example, you can come across a Windows 8-era interface on the lock screen or inside Windows Settings. In fact, you might also end up in a Windows 3.1-era dialog if you use Control Panel.


Windows 3.1 UI in Windows 11

Of course, the biggest problem is that most of the advanced features depend on Control Panel and legacy dialogs, so until Microsoft figures out a plan to ditch Control Panel, we’re not really moving forward.

Microsoft previously confirmed that it’s looking into fixing various design elements of Windows Settings before removing Control Panel. Also, it’s not just about the design, but also the user experience. It takes fewer clicks in Control Panel to perform the same task as Windows Settings, and Microsoft is aware of the problem.


Microsoft confirms it’s migrating all Control Panel settings to the Windows 11 Settings app, but there
are roadblocks

Another issue is that Microsoft can’t upset power users by removing Control Panel when Settings is not in the best shape.

For example, the Control Panel includes many network and printer drivers and settings that haven’t been migrated to Windows Settings yet. This is because Microsoft is being careful, as it fears the migration process could break multiple features and disrupt the experience for power users, especially enterprises or developers using old endpoints.

“We’re doing it carefully because there are a lot of different network and printer devices & drivers we need to make sure we don’t break in the process,” says the Microsoft Design lead.

Either way, I’m hopeful that Microsoft can turn things around and finally bring a more consistent design to Windows 11. What do you want Microsoft to fix in Windows 11 UI? Let me know in the comments below, and we’ll forward it to Microsoft.

source

The malicious 24H2 update download website is able to evade detection from anti-virus and other boot-time security on Windows 11.

Neowin readers are well aware of how legit Windows 11 updates can break important features and functions like Start menu Search and PC reset option; however, malicious forged ones can be even more deadly. One such fake Microsoft support website has been tricking users into installing a malicious “Windows update” that silently steals sensitive data, according to new research published by Malwarebytes.

The cybersecurity firm notes that the campaign is being carried out by a convincing phishing site hosted on a typosquatted domain designed to mimic official Microsoft support pages. The attack targets Windows users mainly in France by offering what appears to be a legitimate cumulative update for Windows 11 24H2. Coincidentally, the French government just decided to dump Windows in favor of Linux, and although likely unrelated, we wonder if that has any connection.

According to the researchers, the site "microsoft-update[.]support" presents a familiar UI and color scheme, complete with a fake knowledge base (KB) reference and a prominent "Download the update" button. Users who click it receive an 83MB installer file labeled “WindowsUpdate 1.0.0.msi,” that appears indeed authentic at first glance. Observant ones will notice in the image below, that the update being delivered, "KB5034765", was actually released back in February 2024 for Windows 11 23H2 and 22H2, not for 24H2.

The attack also uses trustworthy technologies to mask the real intent. The installer is built using WiX Toolset, a widely used open-source framework, and deploys an Electron-based app, effectively a Chromium browser shell, to execute the payload. This layered approach helps the malware evade antivirus detection. Malwarebytes notes zero detections recorded across dozens of security engines at the time of analysis as the executable itself is clean.

Once executed, the installer launches a Visual Basic script that triggers the Electron app, which in turn spawns a disguised Python process. This process installs multiple packages commonly associated with data theft, including tools for encryption, system inspection, and deep Windows API access. The malware then begins harvesting sensitive data as Malwarebytes found it can extract browser-stored credentials, Discord tokens, and capture payment-related information.

To maintain persistence, the malware has devised several things in its favor including a registry entry disguised as an actual Windows security component and a startup shortcut pretending to be a Spotify app .lnk launcher. This approach ensures the malware survives system reboots with minimal suspicion.

Users are advised to install updates only through official Windows Update settings or trusted Microsoft domains. You can also follow Neowin as we cover these updates and link to official, secure Microsoft sites only, or reputable third-party apps. Any standalone update downloads from an unfamiliar website should be treated as suspicious and with extreme caution. You can find more technical details in the original blog post here on Malwarebytes' website.

source