COOKIE SPIDER’s Malvertising Drops New SHAMOS macOS Malware
CrowdStrike reports COOKIE SPIDER using malvertising to spread SHAMOS macOS malware (a new variant of AMOS infostealer), stealing…
Apple
CISA Warns of Actively Exploited 0-Day Vulnerability in Apple iOS, iPadOS, and macOS
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability affecting Apple iOS, iPadOS, and macOS systems that is being actively exploited in the wild. CVE-2025-43300, an out-of-boun…
Apple addressed the seventh actively exploited zero-day
Apple addressed a vulnerability impacting iOS, iPadOS, and macOS that it is under active exploitation in the wild. Apple addressed an actively exploited zero-day, tracked as CVE-2025-43300, in iOS, iPadOS, and macOS. The vulnerability is zero-day out-of-bounds write issue that resides in the ImageIO framework, an attacker could exploit it to cause memory corruption when processing […]
Apple Patches Zero-Day Exploited in Targeted Attacks
Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks.
The post Apple Patches Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek.
Apple Confirms Critical 0-Day Under Active Attack – Immediate Update Urged
Apple has issued an emergency security update for iOS 18.6.2 and iPadOS 18.6.2 to address a critical zero-day vulnerability that the company confirms is being actively exploited in sophisticated attacks against targeted individuals. The update, release…
Apple Confirms Critical 0-Day Under Active Attack – Immediate Update Urged
Apple has issued an emergency security update for iOS 18.6.2 and iPadOS 18.6.2 to address a critical zero-day vulnerability that the company confirms is being actively exploited in sophisticated attacks against targeted individuals. The update, release…
Apple fixes zero-day vulnerability exploited in “extremely sophisticated attack” (CVE-2025-43300)
Apple has fixed yet another vulnerability (CVE-2025-43300) that has apparently been exploited as a zero-day “in an extremely sophisticated attack against specific targeted individuals.” About CVE-2025-43300 CVE-2025-43300 is an out-of-bound…
UK has backed down on demand to access US Apple user data, spy chief says
Tulsi Gabbbard says Home Office no longer demanding ‘backdoor’ to encrypted materialThe UK government has dropped its insistence that Apple allows law enforcement officials “backdoor” access to US customer data, Donald Trump’s spy chief, Tulsi Gabbard,…
Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data
Britain abandoned its demand that Apple provide backdoor access to any encrypted user data stored in the cloud.
The post Gabbard Says UK Scraps Demand for Apple to Give Backdoor Access to Data appeared first on SecurityWeek.
New Ghost-Tapping Attacks Target Apple Pay and Google Pay Users’ Linked Cards
Chinese-speaking cybercriminals are using ghost-tapping techniques to take advantage of Near Field Communication (NFC) relay tactics in a sophisticated evolution of payment card fraud. They are mainly targeting mobile payment services such as Apple Pay…