Apple, Microsoft Power Pages, Google Chrome, SpyLoan
Risk 1: URGENT
Issue: Holy hot dang of all hot dangs. I never thought I would have to write this warning. Apple caved.
Apple will be removing the the end-to-end encryption of its iCloud services included iMessage, iCloud e-mail, documents, images, and more for new UK users and will plan a roll-out requiring existing users to disable their Advanced Data Protection. This will allow the UK government, as well as many others, much easier access to users’ accounts. It also would make the data readable by Apple employees.
Financial Guardians is working on a write-up, but the current UK order that originated this action has not been fully released. Please check our Substack for this upcoming and similar articles.
Resolution: Our recommendation at the moment, which will be changing over the next few weeks as more information evolves, is to stop using iCloud-based solutions to interact with UK-based clients or services.
Risk 2: Low
Issue: Google has started disabling extensions in its Chrome browser that relay upon now dated technology. This is a gradual push and occurs without notification. .
Resolution: This comes with two warnings:
1.) It may just be that the extension is dated and needs replaced - contact the developer for a newer release
2.) Extensions are one of the biggest codebases that are easy to infiltrate. Don’t just assume the extension was sunset - research it to make sure you haven’t accidentally been breached.
Risk 3: Low
Issue: SpyLoan, a malicious collection of code, has now been downloaded several hundred thousand times over the last several weeks on the Google Play Store. This is a code base that fakes a financial tool, specifically one to track your finances and provide low-cost and low-risk loans. However, this is actually a predatory network that collects your personal information, creates fake scam loans using your information, and then extorts you.
Resolution: The risk is minimal unless you have downloaded one of these apps, of which there are now several dozen. If you have downloaded new financial apps in 2025, please research them intensely to determine if they are legitimate. If you have apps that you no longer use, contact the manufacturer to have your information removed.
This is also a good item to bring up to your clients who may have fallen victim.
Risk 4: Medium
Issue: Microsoft Power Pages, pat of their Power Platform, recently patched several vulnerabilities that provided external access to the data within Power Platform.
Resolution: The environment is hosted through Microsoft and the vulnerabilities have been patched. Microsoft will reach out to any users impacted.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
