Saturday , June 21 2025

Apple fixes two zero-days exploited to hack iPhones and Macs

Apple has released emergency security updates to address two new zero-day vulnerabilities exploited in attacks to compromise iPhones, Macs, and iPads.

“Apple is aware of a report that this issue may have been actively exploited,” the company said when describing the issues in security advisories published on Friday.

Russia detects first SuperCard malware attacks via NFC

Russian cybersecurity experts discovered the first local data theft attacks using a modified version of legitimate near field communication (NFC)...
Read More
Russia detects first SuperCard malware attacks via NFC

Income Property Investments exposes 170,000+ Individuals record

Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
Read More
Income Property Investments exposes 170,000+ Individuals record

ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
Read More
ALERT (CVE: 2023-28771)  Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs

CISA Flags Active Exploits in Apple iOS and TP-Link Routers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
Read More
CISA Flags Active Exploits in Apple iOS and TP-Link Routers

10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have...
Read More
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems

WestJet, Canada's second-largest airline, is looking into a cyberattack that has affected some internal systems during its response to the...
Read More
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems

Paraguay 7.4 Million Citizen Records Leaked on Dark Web

Resecurity found 7.4 million records of Paraguayan citizens' personal information leaked on the dark web today. Last week, cybercriminals attempted...
Read More
Paraguay 7.4 Million Citizen Records Leaked on Dark Web

High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation

HashiCorp has revealed a critical vulnerability in its Nomad tool that may let attackers gain higher privileges by misusing the...
Read More
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation

SoftBank: Over 137,000 personal info leaked

SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
Read More
SoftBank: Over 137,000 personal info leaked

Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code

Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within...
Read More
Alert  Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
The first security flaw (tracked as CVE-2023-28206) is an IOSurfaceAccelerator out-of-bounds write that could lead to corruption of data, a crash, or code execution.

Successful exploitation allows attackers to use a maliciously crafted app to execute arbitrary code with kernel privileges on targeted devices.

The second zero-day (CVE-2023-28205) is a WebKit use after free weakness that allows data corruption or arbitrary code execution when reusing freed memory.

This flaw can be exploited by tricking the targets into loading malicious web pages under attackers’ control, which could lead to code execution on compromised systems.

The two zero-day vulnerabilities were addressed in iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1, and Safari 16.4.1 with improved input validation and memory management.

Apple says the list of affected devices is quite extensive, and it includes:

  • iPhone 8 and later,
  • iPad Pro (all models),
  • iPad Air 3rd generation and later,
  • iPad 5th generation and later,
  • iPad mini 5th generation and later,
  • and Macs running macOS Ventura.

Three zero-days patched since the start of the year

Even though Apple says it’s aware of in-the-wild exploitation reports, the company is yet to publish information regarding these attacks.

However, it revealed that the two flaws had been reported by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty International’s Security Lab after finding them exploited in the wild as part of an exploit chain.

Donncha Ó Cearbhaill tweet

Both organizations regularly disclose campaigns exploiting zero-day bugs abused by government-sponsored threat actors to deploy commercial spyware on the smartphones and computers of politicians, journalists, dissidents, and other high-risk individuals worldwide.

Last week, Google TAG and Amnesty International exposed two recent series of attacks using exploit chains of Android, iOS, and Chrome zero-day and n-day flaws to deploy mercenary spyware.

While the zero-days patched today were most likely only used in highly-targeted attacks, installing these emergency updates as soon as possible is highly recommended to block potential attack attempts.

In February, Apple addressed another WebKit zero-day (CVE-2023-23529) exploited in attacks to trigger OS crashes and gain code execution on vulnerable iPhones, iPads, and Macs.

Check Also

SIEM and SOAR

CISA Issued Guidance for SIEM and SOAR Implementation

CISA and ACSC issued new guidance this week on how to procure, implement, and maintain …

Leave a Reply

Your email address will not be published. Required fields are marked *