A critical vulnerability (CVE-2026-28318) has been detected in Verizon's VoLTE services, exposing mobile communications to severe risks. The flaw arises from the lack of necessary cryptographic protections in Verizon’s core voice network, allowing sensitive cellular traffic to be vulnerable to interception and manipulation by attackers. The issue is rooted in a failure to adhere to established telecom safety standards, putting users at risk of call hijacking, spoofing, and denial-of-service attacks.
Despite updates from Apple to improve carrier settings, Verizon has not demonstrated active mitigation or cooperation in vulnerability disclosures, leaving users' cellular traffic untrusted.