Security News

Apple recommends users update to iOS 17.1.2, iPadOS 17.1.2 and macOS 14.1.2. Apple has patched two zero-day vulnerabilities affecting iOS, iPadOS and macOS; users are advised to update to iOS 17.1.2, iPadOS 17.1.2 and macOS 14.1.2.

With the latest round of security updates, Apple has fixed two zero-day WebKit vulnerabilities that "May have been exploited against versions of iOS before iOS 16.7.1.".Both affect WebKit, the Apple-developed browser engine used by the company's Safari web browser and all web browsers on iOS and iPadOS. CVE-2023-42916 may lead to disclosure of sensitive information, while CVE-2023-42917 allows arbitrary code execution.

Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of...

Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. Citizen Lab disclosed two other zero-days, fixed by Apple in September and abused as part of a zero-click exploit chain to install NSO Group's Pegasus spyware.

Google has released an urgent security update to fix a number of vulnerabilities in Chrome browser, including a zero-day vulnerability that is being actively exploited in the wild.CVE-2023-6345, reported by Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group, is due to an integer overflow in Skia - an open source 2D graphics library commonly used as a graphics engine for Google Chrome, ChromeOS, Android, Flutter, and others.

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the...

Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. Google TAG is known for uncovering zero-days, often exploited by state-sponsored hacking groups in spyware campaigns targeting high-profile individuals like journalists and opposition politicians.

Google has fixed the fifth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. Google TAG is known for uncovering zero-days, often exploited by state-sponsored hacking groups in spyware campaigns targeting high-profile individuals like journalists and opposition politicians.

The attack started with compromising a media outlet's website to embed malicious scripts into an article, allowing for a 'watering hole' attack. State-backed North Korean hacking operations consistently rely on supply chain attacks and the exploitation of zero-day vulnerabilities as part of their cyber warfare tactics.

An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed...