Apple News Articles

Recent news articles refferecing the vendors vulnerabilities.

Apple patches zero day affecting operating systems for devices, Macs

Apple released a bevy of security updates to fix a slew of vulnerabilities in its products on Monday, including a zero day that “may have been exploited” in operating systems for its iPhones, iPads and Macintosh computers.

1 week ago

Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS

Apple patches CVE-2024-44131, a TCC bypass vulnerability enabling malicious apps to access sensitive data via symlink manipulation.

2 weeks ago

iOS 18 Alert—iPhone Users Waiting To Update At Risk From New Attack

People waiting to update to iOS 18 could be putting their security at risk, according to a new warning. Here's what you need to know.

2 weeks ago

iOS vuln leaves user data dangerously exposed | Computer Weekly

Jamf threat researchers detail an exploit chain for a recently patched iOS vulnerability that enables a threat actor to steal sensitive data, warning that many organisations are still neglecting mobile updates.

2 weeks ago

Jamf details scary iCloud flaw that was exploitable until this fall

Bypass allowed apps to access sensitive data without notifying the user.

2 weeks ago

Gergely's hack blog

Gergely's blog about hacking, privacy, and everything else

1 month ago

AUSCERT Week in Review for 29th November 2024 - AUSCERT

Greetings, This week, we had the exciting opportunity to reconnect with our Melbourne community at an AUSCERT member meetup. It was an inspiring space for collaboration, where participants shared experiences,...

1 month ago

CISA Warns of Apple & Oracle Agile Vulnerabilities Exploited in Wild

CISA has issued an urgent advisory regarding three critical vulnerabilities affecting Apple and Oracle products.

1 month ago

Tag: CVE-2024-44308

Following up on yesterday’s story about how Apple pushed major macOS, iOS, and iPadOS security updates out the door to cover a pair of vulnerabilities, it appears that the vulnerabilities are already being...

1 month ago

iOS 18.1.1—Update Now Warning Issued To All iPhone Users

Apple has issued iOS 18.1.1, an emergency iPhone update fixing two flaws being used in real-life attacks. Here's what you need to know.

1 month ago

Apple warns 2 macOS zero-day vulnerabilities under attack | TechTarget

Apple published a security update with limited details on zero-day vulnerabilities CVE-2024-44308 and CVE-2024-44309 in macOS Sequoia.

1 month ago

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) - Help Net Security

Apple has released security updates for macOS Sequoia that fix two exploited zero-day vulnerabilities (CVE-2024-44309, CVE-2024-44308).

1 month ago

HM Surf macOS vuln potentially exploited by Adloader malware

In revealing details about a vulnerability that threatens the privacy of Apple fans, Microsoft urges all macOS users to update their systems. The bug, tracked as CVE-2024-44133 (CVSS 5.5) and patched in...

2 months ago

Adload malware exploits flaw to bypass macOS protections for Safari

Microsoft warns users to patch the HM Surf flaw because Defender detected it was actively exploited.

2 months ago

"HM Surf" macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!

Microsoft discovered a new macOS vulnerability, "HM Surf" (CVE-2024-44133), which bypasses TCC protections and allowing unauthorized access.

2 months ago

Adload malware exploits flaw to bypass macOS protections for Safari

Microsoft warns users to patch the HM Surf flaw because Defender detected it was actively exploited.

2 months ago

MacOS Safari Exploit Exposes Camera, Mic, Browser Data

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.

2 months ago

Apple, 2 Critical Security Flaws in iOS and iPadOS Products - ZAM

Apple Security Bulletin 121373, released on October 3, 2024, provides information on fixes for multiple critical vulnerabilities in versions prior to

3 months ago

iPhone 'VoiceOver' Feature Could Read Passwords Aloud

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

3 months ago

Apple macOS AppleVADriver Out-Of-Bounds Write Remote Code Execution Vulnerability [CVE-2024-40841]

CVE number = CVE-2024-40841 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS, it has a CVSS score of 8.8 User interaction is required to exploit...

3 months ago

CVE-2024-27822

We believe that knowledge is the ultimate weapon against cyber threats. By breaking down complex concepts, democratizing technical expertise, and fostering a dialogue around cybersecurity, TheHackerWire...

5 months ago

Apple Issues New AirPods Security Update For Eavesdropping Flaw

Apple has issued an update for AirPods to fix a flaw that could allow an attacker to eavesdrop on your conversations. Here's what you need to know.

6 months ago

Apple AirPods Bluetooth Vulnerability Lets Attackers Gain Access to Device

Apple has recently released critical firmware updates for its AirPods and Beats headphones to address a significant Bluetooth vulnerability.

6 months ago

Apple åtgärdar allvarligt säkerhetsbugg i Bluetooth - som kan exploateras för att avlyssna dig

Buggen har fått namnet CVE-2024-27867, och det är ett autentiseringsproblem, som finns i mjukvara för AirPods (andra generationen och senare), AirPods Pro (alla…

6 months ago

TURPENTINE XNU Kernel Buffer Overflow - The Cyber Post

Daily cybersecurity news articles on the latest breaches, hackers, exploits and cyber threats. Learn and educate yourself with malware analysis, cybercrime

6 months ago

Critical Flaw In Apple Ecosystems Let Attackers Gain Unauthorized Access

Hackers go for Apple due to its massive user base along with rich customers, including business people and managers who use those devices

6 months ago

PoC Exploit Released for macOS Root Access Vulnerability

A security vulnerability, identified as CVE-2024-27822, has been discovered in macOS. This vulnerability allows unauthorized root access and has raised serious concerns among cybersecurity experts and macOS users alike.

7 months ago

iOS零日攻击:专家揭示对三角定位行动的更深入见解

The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the vict

7 months ago

Aggiornate subito i MacBook: c'è un bug pericolosissimo

Una nuova vulnerabilità colpisce i Mac e i MacBook con sistema operativo non aggiornato: un hacker può prendere il controllo completo del computer.

7 months ago

Apple macOS non è sicuro. Aggiornare immediatamente per evitare potenziali attacchi

Una grave falla di sicurezza informatica è stata rilevata all'interno del sistema operativo di Apple Mac OS.

7 months ago

CVE-2024-27842: macOS 14 больше не является безопасной

Ваше ядро впадёт в панику от одной лишь мысли об эксплойте к новой уязвимости.

7 months ago

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege escalation. This vulnerability has been assigned

7 months ago

iOS 17.5 Security Patches – Everything You Need To Know

Apple has recently released iOS 17.5 Security Patches update that addresses 15 vulnerabilities in the iPhone operating system.........

7 months ago

Apple walks back CVE-2024-27804, claims it's non-exploitable & offers security researcher paltry $1,000 bounty

Apple says CVE-2024-27804 isn't exploitable, so not only won't jailbreakers benefit from it, but the security researcher won't get a reward.

7 months ago

PoC for CVE-2024-27804 published, jailbreak developers uncertain of viability

A proof of concept for CVE-2024-27804 was published, but some jailbreak developers are voicing that it won't result in a jailbreak.

7 months ago

Apple backports iOS zero-day patch, adds Bluetooth tracker alert - Help Net Security

Apple has added a new capability to iOS 17 that will alert users if an unknown Bluetooth tracker is "seen" moving with them.

7 months ago

CVE-2024-27842 : APPLE MACOS UP TO 14.4 KERNEL LOCAL PRIVILEGE ESCALATION - Cloud WAF

CVE-2024-27842 : The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app may be able to execute arbitrary code with kernel privileges.

7 months ago

Security researcher says PoC for kernel vulnerability targeting iOS 17.4.1 and older coming soon

A security researcher is promising a write up about a kernel vulnerability proof-of-concept affecting iOS 17.4.1 and older.

7 months ago

Apple backports fix for zero-day exploited in attacks to older iPhones

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS zero-day tagged as exploited in attacks.

7 months ago

Apple backports fix for RTKit iOS zero-day to older iPhones

Apple has backported security patches released in March to older iPhones and iPads, fixing an iOS Kernel zero-day tagged as exploited in attacks.

7 months ago

CVE-2023-42931 Detection: Critical macOS Vulnerability Enabling Easy Privilege Escalation and Root Access - SOC Prime

Detect CVE-2023-42931 exploitation attempts for critical macOS privilege escalation vulnerability with a Sigma rule in the SOC Prime Platform.

9 months ago

CVE-2023-42931: macOS Flaw Exposed Systems to Easy Privilege Escalation – Patch Now!

Security researcher Yann Gascuel has detailed a critical privilege escalation vulnerability (CVE-2023-42931) affecting the macOS versions

9 months ago

Apple releases urgent security update for Mac: CVE-2024-23300

News Summary: Apple rarely issues updates for a single security issue, let alone for one that only impacts a single app. So, what do Mac users need to know about CVE-2024-23300? - Forbes (United States)

9 months ago

Forbes: «Apple Suddenly Issues Urgent Security Update For Mac: CVE-2024-23300»

«Apple rarely issues updates for a single security issue, let alone for one that only impacts a single app. So, what do Mac users need to know about CVE-2024-23300?»

9 months ago

Apple Suddenly Issues Urgent Security Update For Mac: CVE-2024-23300

Apple rarely issues updates for a single security issue, let alone for one that only impacts a single app. So, what do Mac users need to know about CVE-2024-23300?

9 months ago

Apple Addressed Two iOS Zero-Days With Latest Updates

With iOS 17.4 and iOS 16.7.6, Apple addressed numerous vulnerabilities, including two zero-days. Users must update their devices asap.

10 months ago

Apple discloses 2 iOS zero-day vulnerabilities | TechTarget

Apple disclosed two zero-day vulnerabilities on March 5, CVE-2024-23225 and CVE-2024-23296, which the company said 'may have been exploited' in the wild.

10 months ago

Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296) - Help Net Security

Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild.

10 months ago

CVE-2024-23225 & CVE-2024-23296: Apple Patches Actively Exploited 0-Day Flaws

Apple recently pushed out emergency patches to fix two "zero-day" vulnerabilities (CVE-2024-23225 and CVE-2024-23296) that are already under attack

10 months ago