A severe iPhone exploit is now public, and anyone can use it

A leaked iPhone exploit makes outdated iOS devices easy targets — update now or risk full data access from a simple malicious website.
The Hacker News

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days for Full Device Takeover

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.
TechSpot

New iPhone bootROM exploit might lead to permanent jailbreak on hundreds of millions of devices

Uh oh Apple: Someone discovered an "unpatchable" exploit on iPhones that may allow them to be permanently jailbroken. The vulnerability is at the hardware level, so even updating iOS will not patch ...

Apple confirms today’s iOS and iPadOS updates for older devices address the Coruna exploit

Apple has detailed the security content for iOS and iPadOS 16.7.15, 15.8.7, 16.7.15, and 15.8.7, confirming that they address ...
Ars Technica

Unpatchable bug in millions of iOS devices exploited, developer claims

Today, an iOS security researcher who earlier developed software to “jailbreak” older Apple iOS devices posted a new software tool that he claims uses a “permanent unpatchable bootrom exploit” that ...
9to5google

Dirty Pipe: What you need to know about the major exploit affecting Pixel 6 and Galaxy S22 devices [Updated]

The security world has been abuzz about a new Linux exploit called “Dirty Pipe,” which also affects Android 12 devices like Galaxy S22 and Pixel 6. Here’s everything you need to know about “Dirty Pipe ...
Hosted on MSN

Hackers exploit WhatsApp device-linking feature to hijack accounts

Hackers can hijack WhatsApp accounts without ever cracking passwords or encryption GhostPairing attacks exploit legitimate device-linking features to gain full account access Users are tricked by fake ...
Ars Technica

Developer of Checkm8 explains why iDevice jailbreak exploit is a game changer

Often, when new iOS jailbreaks become public, the event is bittersweet. The exploit allowing people to bypass restrictions Apple puts into the mobile operating system allows hobbyists and researchers ...
Threat Post

Millions of Routers, IoT Devices at Risk from BotenaGo Malware

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities. Newly surfaced malware that is difficult to detect and written in Google’s open-source ...
Threat Post

Cisco Patches Critical Flaw After PoC Exploit Code Release

A critical path-traversal flaw (CVE-2020-27130) exists in Cisco Security Manager that lays bare sensitive information to remote, unauthenticated attackers. A day after proof-of-concept (PoC) exploit ...
Que.com on MSN

Stryker cyberattack sparks new risks in device management tools

The recent cyberattack involving Stryker has fueled renewed concern across healthcare IT: device management tools—once viewed primarily as operational necessities—are ...
Bleeping Computer

Exploit out for critical Realtek flaw affecting many networking devices

Exploit code has been released for a critical vulnerability affecting networking devices with Realtek’s RTL819x system on a chip (SoC), which are estimated to be in the millions. The flaw is ...