Apple released Rapid Security Response updates for its Safari web browser, iOS, iPadOS, and macOS to address a zero-day vulnerability that was being actively exploited.
By exploiting the WebKit vulnerability known as CVE-2023-37450, malicious actors may execute arbitrary code while handling specially designed web content. The iPhone maker said it addressed the issue with improved checks.
By infosecbulletin
/ Friday , July 11 2025
AMD has revealed four new vulnerabilities that could enable attackers to access sensitive data via timing-based side-channel attacks. These vulnerabilities,...
Read More
By infosecbulletin
/ Thursday , July 10 2025
GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE) to fix vulnerabilities that could enable...
Read More
By infosecbulletin
/ Thursday , July 10 2025
A newly found vulnerability (CVE-2025-7206) in the D-Link DIR-825 router firmware version 2.10 poses a significant risk to home and...
Read More
By infosecbulletin
/ Thursday , July 10 2025
Zoom released a security update addressing six newly discovered vulnerabilities in its Workplace, Rooms, and SDK products for Windows, macOS,...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Jack Dorsey, co-founder of Twitter and Block Head, launched a new peer-to-peer messaging app called Bitchat, which operates solely over...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Splunk has issued critical security updates for SOAR versions 6.4.0 and 6.4 to fix several vulnerabilities in third-party packages. The...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Cybersecurity researcher Jeremiah Fowler found an unsecured database with 245,949 records, reported to vpnMentor. It likely belonged to a tax...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Fortinet has issued a critical patch for a critical vulnerability in its FortiWeb product, a web application firewall commonly used...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Microsoft's Patch Tuesday in July 2025 is critical, featuring updates for 137 vulnerabilities, including a zero-day in Microsoft SQL Server....
Read More
By infosecbulletin
/ Tuesday , July 8 2025
ThreatFabric researchers have discovered a new sophisticated campaign by the Anatsa banking trojan targeting mobile banking users in the U.S....
Read More
An anonymous researcher found and reported the flaw. The information about the attacks’ nature, scale and the identity of the perpetrator is limited, as it often happens in such cases.
ALSO READ:
Over 700 fake “Threads” domain in online
But Apple noted in a terse advisory that it’s “aware of a report that this issue may have been actively exploited.”
The updates, iOS 16.5.1 (a), iPadOS 16.5.1 (a), macOS Ventura 13.4.1 (a), and Safari 16.5.2, are available for devices running the following operating system versions:
iOS 16.5.1 and iPadOS 16.5.1
macOS Ventura 13.4.1
macOS Big Sur and macOS Monterey
Apple has addressed 10 zero-day vulnerabilities in its software since the start of 2023. It also arrives weeks after the company rolled out patches to fix three zero-days, two of which have been weaponized by unidentified actors in connection with an espionage campaign called Operation Triangulation.
Update:
Apple has pulled the software update after reports emerged that installing the patches caused certain websites like Facebook, Instagram, and Zoom to throw an “Unsupported Browser” error on Safari.