October 18, 2024 at 05:31PM A security flaw in Safari on macOS, known as CVE-2024-44133, may allow attackers to bypass security measures, potentially exposing sensitive user data and media access. Researchers from Microsoft have detected signs of exploitation by adware like AdLoad. Apple issued a fix in September, highlighting the need for users to update … Read more
May 14, 2024 at 11:59AM Apple released security updates to address the CVE-2024-27834 zero-day vulnerability in Safari. The flaw was exploited during Pwn2Own Vancouver, earning the discoverer $60,000. The update is available for macOS Monterey and macOS Ventura, with instructions to update Safari separately from the operating system. Pwn2Own Vancouver 2024 resulted in $1,132,500 in … Read more
October 26, 2023 at 07:32AM Researchers have developed a new side-channel attack called iLeakage that can extract sensitive information from Safari on Apple devices. It bypasses standard side-channel protections and can retrieve data from Safari, Firefox, Tor, and Edge on iOS with near-perfect accuracy. The attack exploits speculative execution in Apple Silicon CPUs and requires … Read more