Apple has known about the vulnerability, which also affects iPadOS 15 and Safari 15, since late November.
vulnerabilities
‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls
The flaws are now fixed, but they speak to the growing concerns around interactionless attacks.
The FTC Wants Companies to Find Log4j Fast. It Won’t Be Easy
The critical vulnerability is buried among endless open source code, and many cyber experts are stumped.
The Next Wave of Log4J Attacks Will Be Brutal
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.
Google Warns That NSO Hacking Is On Par With Elite Spy Groups
ForcedEntry is “one of the most technically sophisticated exploits” Project Zero security researchers have ever seen.
New Microsoft Exchange credential stealing malware could be worse than phishing
While looking for additional Exchange vulnerabilities in the wake of this year’s zero-days, Kaspersky found an IIS add-on that harvests credentials from OWA whenever, and wherever, someone logs in.
