vulnerabilities

Activists’ phones targeted by one of the world’s most advanced spyware apps

Mobile phones of two prominent human rights activists were repeatedly targeted with Pegasus, the highly advanced spyware made by Israel-based NSO, researchers from Amnesty International reported this week. The Moroccan human rights defenders received SMS text messages containing links to malicious sites. If clicked, the sites would attempt to install Pegasus, which as reported here …

Activists’ phones targeted by one of the world’s most advanced spyware apps Read More »

Attackers exploit an iTunes zeroday to install ransomware

Attackers exploited a zeroday vulnerability in Apple’s iTunes and iCloud programs to infect Windows computers with ransomware without triggering antivirus protections, researchers from Morphisec reported on Thursday. Apple patched the vulnerability earlier this week. The vulnerability resided in the Bonjour component that both iTunes and iCloud for Windows relies on, according to a blog post. …

Attackers exploit an iTunes zeroday to install ransomware Read More »

Hacker stole details of 250,000 users from Dutch sex worker forum

A hacker has stolen the data of 250,000 users of a Dutch web forum, exposing the email addresses of both clients and workers. A Dutch sex worker forum where clients can rate and review workers, Hookers.nl, has experienced a data breach, according to Dutch broadcaster NOS. NOS reached out to the hacker, who reportedly stole …

Hacker stole details of 250,000 users from Dutch sex worker forum Read More »

Attackers exploit 0-day vulnerability that gives full control of Android phones

Attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night. There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO …

Attackers exploit 0-day vulnerability that gives full control of Android phones Read More »

Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects

Enlarge / Artist’s impression of a malicious hacker coding up a BlueKeep-based exploit. Attackers have bombarded the Internet with more than 1 billion malicious ads in less than two months. The attackers targeted iOS and macOS users with what were zero-day vulnerabilities in Chrome and Safari browsers that were recently patched, researchers said on Monday. …

Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects Read More »

Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer

Enlarge / The bootrom of an Apple Watch Series 3, as shown through a hex viewer. Yep, Apple Watches series 1, 2, and 3 are also vulnerable to Checkm8. Often, when new iOS jailbreaks become public, the event is bittersweet. The exploit allowing people to bypass restrictions Apple puts into the mobile operating system allows …

Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer Read More »