Systems researcher Jack Dates was paid $100,000 after finding a new exploit in Apple’s Safari web browser he revealed at the Pwn2Own 2021 event which the Zero Day Initiative holds to encourage white hat hackers to report zero-day vulnerabilities to the affected companies instead of selling these breaches to malicious actors. To read the rest […]
Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019. The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the […]
A week ago, Mac users were alerted to a sinister danger: if you had previously installed certain conferencing software, in particular that for Zoom, then even though you may have removed that, it probably left behind a hidden web server which could have been exploited remotely. Because that was a serious vulnerability, Apple pushed an […]
Several pre-2011 Macs could still be vulnerable to ‘ZombieLoad’-like security exploits, and Apple can’t fix that because Intel won’t release the necessary microcode updates. AppleInsider contacted Apple about the list published on May 13 to clarify how Macs made before the 2011 vulnerability could be affected. Apple says that certain older Macs could remain vulnerable […]
