March 12, 2024 at 06:29PM Brave Browser gains more users on iPhones in the EU after Apple introduces new default browser selection screen to comply with the Digital Markets Act. The update prompts users to choose from a list of popular browsers, leading to a noticeable increase in Brave installations. Brave advocates for fair competition … Read more
March 11, 2024 at 12:30AM Microsoft took six months to patch a rootkit vulnerability in Windows discovered by North Korean hackers Lazarus Group. Avast researchers notified Microsoft of an admin-to-kernel exploit, but Microsoft did not prioritize the matter, waiting until February’s patch Tuesday to fix the issue. Critical vulnerabilities were also found in recent Apple … Read more
March 6, 2024 at 02:26PM Apple has released emergency security updates to fix two critical iOS zero-day vulnerabilities, allowing cyberattackers to compromise iPhone users at the kernel level. The memory-corruption bugs, CVE-2024-23225 and CVE-2024-23296, enable threat actors to bypass kernel memory protections. Users are urged to update their devices to versions iOS 17.4, iPadOS 17.4, … Read more
March 6, 2024 at 01:03AM Apple has released security updates to fix actively exploited vulnerabilities, CVE-2024-23225 and CVE-2024-23296, in its iOS and iPadOS, addressing them with improved validation. The flaws can be exploited by attackers to bypass kernel memory protections. This development adds to a total of three zero-days that Apple has addressed since the … Read more
March 5, 2024 at 04:00PM Apple released urgent iOS updates, including iOS 17.4 and iPadOS 17.4, to address multiple security flaws and potential zero-day exploits in the wild. The vulnerabilities, including kernel and RTKit issues, could bypass memory protections. Additionally, the company patched privacy flaws and warned of more fixes to come. Exploited iOS versions … Read more
December 11, 2023 at 05:30PM Apple released iOS and iPadOS 17.2 with security fixes for 11 vulnerabilities, including memory corruption in ImageIO and code execution flaw in WebKit. The update also addresses privacy and information disclosure issues, as well as previously documented zero-day exploits. Additionally, iOS 16.7.3 and iPadOS 16.7.3 provide security patches for older … Read more
December 11, 2023 at 02:28PM Apple has issued emergency security updates for two zero-day flaws in iOS, iPadOS, tvOS, and watchOS. The CVE-2023-42916 and CVE-2023-42917 vulnerabilities in the WebKit browser engine allowed attackers to access sensitive data and execute arbitrary code. Security researcher Clément Lecigne discovered and reported both flaws. CISA ordered Federal Civilian Executive … Read more
November 30, 2023 at 11:36PM Apple rolled out updates for iOS, iPadOS, macOS, and Safari to fix two actively exploited WebKit vulnerabilities. These flaws could potentially leak sensitive data and enable arbitrary code execution. The affected versions precede iOS 16.7.1, and all WebKit-based browsers on Apple devices are impacted. Devices from iPhone XS and certain … Read more
November 30, 2023 at 02:54PM Apple’s security team reports that older iOS versions, prior to 16.7.1, were exploited due to flaws CVE-2023-42916 and CVE-2023-42917. Patches for these WebKit vulnerabilities have been released for affected iPhones. Meeting Takeaways: 1. Apple’s security response team has identified that vulnerabilities designated as CVE-2023-42916 and CVE-2023-42917 have been exploited. 2. … Read more
November 30, 2023 at 02:49PM Apple has patched 20 zero-day vulnerabilities in 2023, recently addressing two allowing attackers to exploit iPhones, iPads, and Macs via WebKit. The flaws enabled data access and code execution. Updates were issued for various devices and macOS versions. Google TAG identified the exploits, which historically targeted high-risk individuals. Clear Takeaways … Read more