Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022

Hackers continue to target zero-day vulnerabilities in malicious campaigns, with researchers reporting that 55 zero-days were actively exploited in 2022, most targeting Microsoft, Google, and Apple products. Most of these vulnerabilities (53 out of 55) enabled the attacker to either Read More …

Apple fixes actively exploited iOS zero-day on older iPhones, iPads

Apple has backported security patches addressing a remotely exploitable zero-day vulnerability to older iPhones and iPads. This bug is tracked as CVE-2022-42856, and it stems from a type confusion weakness in Apple’s Webkit web browser browsing engine. Read more… Source: Read More …

Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities

More than two years ago, a researcher, A2nkF, published the details of an interesting exploit chain on the Objective-See blog. He demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. After diving into the second Read More …

Apple should pay €6m to French data watchdog for tracking users without consent, says official

Apple tracked users without their consent and deserves to be fined €6 million, according to a top advisor to France’s data privacy watchdog. The Commission nationale de l’informatique et des libertés (CNIL) launched an investigation into Apple after a complaint Read More …

iPhone iOS 16.1.1 fixes two security vulnerabilities – time to update

Apple has released an update that protects users against two security vulnerabilities that could affect iPhones and iPads. The iOS 16.1.1 and iPadOS 16.1.1 software update comes two weeks after the release of iOS 16.1 for all iPhone and iPad Read More …

Apple fixes new zero-day used in attacks against iPhones, iPads

In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. Apple revealed in an advisory today that it’s aware of reports saying the security flaw “may Read More …

Apple backports fix for actively exploited iOS zero-day to older iPhones

Apple has released new security updates to backport patches released earlier this month to older iPhones and iPads addressing a remotely exploitable WebKit zero-day that allows attackers to execute arbitrary code on unpatched devices. This zero-day vulnerability is the same Read More …

Apple security updates fix 2 zero-days used to hack iPhones, Macs

Apple has released emergency security updates today to fix two zero-day vulnerabilities previously exploited by attackers to hack iPhones, iPads, or Macs. Zero-day vulnerabilities are security flaws known by attackers or researchers before the software vendor has become aware or Read More …