18 matches found
Coruna: the framework used in Operation Triangulation
Introduction On March 4, 2026, Google and iVerify published reports about a highly sophisticated exploit kit targeting Apple iPhone devices. According to Google, the exploit kit was first discovered in targeted attacks conducted by a customer of an unnamed surveillance vendor. It was later used b...
Exploit for Integer Overflow or Wraparound in Apple Ipados
Trigon Trigon is a deterministic kernel exploit based on CVE-...
Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature
The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginnin...
About the security content of iOS 15.8 and iPadOS 15.8
About the security content of iOS 15.8 and iPadOS 15.8 This document describes the security content of iOS 15.8 and iPadOS 15.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation
The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The new findings come from Kaspersky, which detailed the great...
Apple iOS < 15.7.7 Multiple Vulnerabilities (HT213811)
Binary data appleios1577check.nbin...
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439...
CVE-2023-32434
CVE-2023-32434 is an Apple kernel vulnerability in the XNU VM layer causing an integer overflow that could allow an app to execute code with kernel privileges. Public documentation confirms fixed in multiple OS versions (watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 / iPadOS 15.7.7, macOS Monte...
CVE-2023-32434
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with...
Vulnerabilities fixed in Apple macOS, iOS, iPadOS and Safari
Apple has fixed vulnerabilities in macOS, iOS, iPadOS and Safari. An unauthenticated malicious person could exploit them to execute arbitrary code on the vulnerable system. The most serious vulnerability has been assigned attribute CVE-2023-32434 assigned and allows a malicious person to execute...
VulnCheck KEV: CVE-2023-32434
Apple iOS. iPadOS, macOS, and watchOS contain an integer overflow vulnerability that could allow an application to execute code with kernel privileges...
About the security content of macOS Ventura 13.4.1
About the security content of macOS Ventura 13.4.1 This document describes the security content of macOS Ventura 13.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
About the security content of watchOS 9.5.2
About the security content of watchOS 9.5.2 This document describes the security content of watchOS 9.5.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
About the security content of watchOS 8.8.1
About the security content of watchOS 8.8.1 This document describes the security content of watchOS 8.8.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...
About the security content of macOS Monterey 12.6.7
About the security content of macOS Monterey 12.6.7 This document describes the security content of macOS Monterey 12.6.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
macOS 11.x < 11.7.8 (HT213809)
The remote host is running a version of macOS / Mac OS X that is 11.x prior to 11.7.8. It is, therefore, affected by a vulnerability: - An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS...
macOS 12.x < 12.6.7 (HT213810)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.6.7. It is, therefore, affected by a vulnerability: - An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS...
macOS 13.x < 13.4.1 Multiple Vulnerabilities (HT213813)
The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.4.1. It is, therefore, affected by multiple vulnerabilities: - An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS...