Security News > 2023 > September > Recently patched Apple, Chrome zero-days exploited in spyware attacks

Security researchers with The Citizen Lab and Google's Threat Analysis Group revealed today that three zero-days patched by Apple on Thursday were abused as part of an exploit chain to install Cytrox's Predator spyware.
Google TAG also observed the attackers using a separate exploit chain to drop Predator spyware on Android devices in Egypt, exploiting CVE-2023-4762-a Chrome bug patched on September 5th-as a zero-day to gain remote code execution.
Citizen Lab urged all Apple users at risk to install Apple's emergency security updates and enable Lockdown Mode to thwart potential attacks exploiting this exploit chain.
Citizen Lab security researchers disclosed two other zero-days-fixed by Apple in emergency security updates earlier this month-abused as part of another zero-click exploit chain to infect fully patched iPhones with NSO Group's Pegasus spyware.
Apple emergency updates fix 3 new zero-days exploited in attacks.
Google fixes another Chrome zero-day bug exploited in attacks.
News URL
Related news
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Google: 97 zero-days exploited in 2024, over 50% in spyware attacks (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)
- Cookie-Bite attack PoC uses Chrome extension to steal session tokens (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-05 | CVE-2023-4762 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |