Apple said new anonymous relay addresses created through iCloud+ Hide My Email and Sign in with Apple will use the shared domain private.icloud.com, replacing the current split between privaterelay.appleid.com and icloud.com for newly generated addresses. The company said the change will roll out later this summer, while existing relay addresses on the legacy domains will continue to function without interruption.
Apple told developers, app operators, and email service providers to update validation logic, allowlists, filtering, suppression lists, and routing rules so messages sent to private.icloud.com are accepted alongside the older domains. The change has drawn criticism from some users, who argue that a distinct relay domain could make Hide My Email addresses easier for websites and apps to detect and potentially block, weakening the privacy feature’s usefulness for anonymous sign-ups.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
1 event from the most recent confirmed update back to the earliest known activity.
Apple said newly generated Hide My Email relay addresses will use the @private.icloud.com domain instead of prior domains, while existing addresses will continue to function without interruption. The company also told developers and email providers to update filtering, validation, allowlists, and routing to recognize the new domain.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
5 references tracked. Mallory keeps watching after this page renders.
scworld.com
Open sourcehelpnetsecurity.com
Open sourcetechcrunch.com
Open sourcedeveloper.apple.com
Open sourcebitdefender.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.