Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild.
Tracked asΒ CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks.
"Apple is aware of a report that this issue may have
TheΒ three zero-day flawsΒ addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain calledΒ PredatorΒ targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023.
"The targeting took place after Eltantawy publiclyΒ stated his plansΒ to run for President in the 2024 Egyptian elections," the
The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation fromΒ Access NowΒ and theΒ Citizen LabΒ has revealed.
The infiltration is said to have happened on or around February 10, 2023. Timchenko is the executive editor and owner ofΒ Meduza, an independent news publication
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware.
The issues are described as below -
CVE-2023-41061Β - A validation issue in Wallet that could result in arbitrary code execution when handling a maliciously crafted attachment.
CVE-2023-41064
Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 17, iPadOS 17, macOS Sonoma, tvOS 17, and watchOS 10 to prevent their abuse for data collection.
"This will help ensure that apps only use these APIs for their intended purpose," the companyΒ saidΒ in a statement. "As part of this process, you'll need
Login
FreshRSS