Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos

Plus: Spy firms tap into a global telecom weakness to track targets, 500,000 UK health records go up for sale on Alibaba, Apple patches a revealing notification bug, and more...

CVE-2022-42827

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...

Google's AI 'Big Sleep' Finds 5 New Vulnerabilities in Apple's Safari WebKit

Google's artificial intelligence AI-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory...

EUVD-2014-2274

Malware in sbrugna...

PT-2025-37425

Name of the Vulnerable Software and Affected Versions ImageIO affected versions not specified Description An issue exists in ImageIO that could allow for arbitrary code execution through maliciously crafted images. This issue was actively exploited. The vulnerability does not provide access to...

PT-2024-31040 · Apple · Ios +1

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.0.1 iPadOS versions prior to 18.0.1 Description: This issue involves audio messages in Messages potentially capturing a few seconds of audio before the microphone indicator is activated. The problem was addressed with...

CVE-2024-27807

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. An app may be able to circumvent App Privacy Report logging...

Apple & Microsoft Patch Tuesday, July 2023 Edition

Microsoft Corp. today released software updates to quash 130 security bugs in its Windows operating systems and related software, including at least five flaws that are already seeing active exploitation. Meanwhile, Apple customers have their own zero-day woes again this month: On Monday, Apple...

CVE-2022-42805

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges...

A week in security (May 16 – 22)

Last week on Malwarebytes Labs: Fake reCAPTCHA forms dupe users via compromised WordPress sites How COVID-19 fuelled a surge in malware Why MRG-Effitas matters to SMBs “Look what I found here” phish targets Facebook users AirTag stalking: What is it, and how can I avoid it? Long lost @ symbol get...

New iPhone malware spies via camera when device appears off

When removing malware from an iOS device, it is said that users need to restart the device to clear the malware from memory. That is no longer the case. Security researchers from ZecOps have created a new proof-of-concept PoC iPhone Trojan capable of doing "fun" things. Not only can it fake a...

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three zero-day flaws — CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 — could have allowed...

'Chaos' iPhone X Attack Alleges Remote Jailbreak

A Chinese security researcher has published what he claims is a proof-of-concept exploit that would allow a remote attacker to jailbreak an iPhoneX, unbeknownst to the user – allowing them to gain access to a victim’s data, processing power and more. Qixun Zhao of Qihoo 360 built the exploit, whi...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

On the iOS system“Trident”vulnerability briefings-vulnerability warning-the black bar safety net

! Recently, on the Internet to disclose about the iOS operating system there is“Trident”vulnerability, CNNVD-2 0 1 6 0 8-4 6 0, the CNNVD-2 0 1 6 0 8-4 6 1, THE CNNVD-2 0 1 6 0 8-4 6 2. 8 on 1 5 December, by the Canadian citizen lab the Citizen Lab and the U.S. Lookout mobile security companies...

iOS sandboxing vulnerabilities increase the enterprise data risk level-vulnerability warning-the black bar safety net

Appthority researchers found a present in the iOS sandboxed application vulnerabilities in the iOS 8.4.1 the following version of the system will be affected, anyone can use this vulnerability to access the System Management Application Configuration. Sandbox vulnerability-QuickSand Due to this...

Microsoft warning: Windows PC there are also Freak security vulnerability-vulnerability warning-the black bar safety net

Microsoft on Friday warned that hundreds of millions of Windows PC users are facing a“Freak”security vulnerability threats, and that a newly discovered security vulnerability was initially considered only for mobile devices and Apple Mac computers pose a threat. On Tuesday, by 9 The name of...

Apple Patches Shellshock Vulnerability in Bash

Apple tonight released its patch for the Bash vulnerability, updating OS X Lion, Mountain Lion and Mavericks. Late Friday, Apple reassured Mac OS X users that most were protected by default, but nonetheless that it was working on a patch. The vulnerability in Bash, which stands for Bourne Again...

Dockster Mac Malware Targets Dalai Lama Website Through Flashback Vulnerability

Mac malware targeting Tibetan supporters is being served on a website connected to the Dalai Lama. The Dockster Trojan, discovered by researchers at F-Secure, exploits the same Java vulnerability as the virulent Flashback Trojan that hit more than 600,000 OS X users earlier this year. F-Secure...

Conflicting Reports On Receding Flashback Levels

The number of Macs infected with the Flashback malware continue to decline but it’s not entirely clear to what degree. Initial numbers estimated that there were about 600,000 infected computers in total yet those numbers dropped last week to 237,000 and now, according to research by Symantec...