Apple released a security update for iOS and iPadOS to patch multiple vulnerabilities, including one that could leak sensitive information when visiting a malicious website and one that allows an attacker to display false information in the address bar.
In total, 29 vulnerabilities were patched, most of them in WebKit, Apple’s web rendering engine that powers Safari and renders webpages in other apps. The update is available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- State-backed attackers and commercial surveillance vendors repeatedly use the same exploits
August 29, 2024
Google’s Threat Analysis Group (TAG) observed multiple in-the-wild exploit campaigns, between November 2023 and July 2024, delivered from a watering hole attack on Mongolian government websites. The campaigns first delivered an iOS WebKit exploit affecting iOS versions older than 16.6.1 and then later, a Chrome exploit chain against Android users running versions from m121 to m123. ...
- Fortra Releases Security Advisories for FileCatalyst Workflow
August 28, 2024
Fortra has released security advisories addressing a critical vulnerability and a high severity vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-6632 is an SQL injection vulnerability with a CVSSv3 score of 7.2 (high), which if exploited could allow an unauthenticated ...
- Unveiling Mobile App Vulnerabilities: How Popular Apps Leak Sensitive Data
August 27, 2024
In an increasingly digital world, the importance of mobile security cannot be overstated. With millions of apps available on Google’s Play Store and Apple’s App Store, users trust developers to safeguard their personal information. Unfortunately, this trust is often misplaced. A key step in preventing unauthorized access to user data is encryption, especially when it comes ...
- Europe’s leading solar power grid is ‘vulnerable’ to hackers
August 21, 2024
A recent study by a cybersecurity firm confirmed that the Dutch solar energy grid is vulnerable to multiple types of attacks on its system. A new study by a cybersecurity firm confirmed that one of Europe’s largest solar energy grids is vulnerable to multiple types of attacks on its system. Over a six-month period, researchers with ...
- Hacked GPS tracker reveals location data of customers
August 19, 2024
Stalkerware researcher maia arson crimew strikes again. Big time. We know maia as a researcher that loves to go after stalkerware peddlers, which Malwarebytes—as one of the founding members of the Coalition Against Stalkerware—loves to see. The investigation into Tracki, besides uncovering a tangled web of companies, dubious websites, and false identities, also led to a ...
- New Windows Cyber Attacks Confirmed – CISA Says Update By September 3
August 14, 2024
Microsoft has released the monthly round of Patch Tuesday security updates, with fixes for a total of 90 vulnerabilities across the Windows ecosystem. Of these, the Microsoft Security Response Center warns that five Windows vulnerabilities have confirmed and active cyber attacks against them already. So serious are these zero-day security issues that the U.S. Cybersecurity and ...