Lucene search
K

21 matches found

The Hacker News
The Hacker News
•added 2026/03/27 5:22 p.m.•7 views

Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. "Apple is aware of attacks targeting out-of-date iOS software,...

6AI score
Exploits0
Securelist
Securelist
•added 2026/03/26 8:0 a.m.•6 views

Coruna: the framework used in Operation Triangulation

Introduction On March 4, 2026, Google and iVerify published reports about a highly sophisticated exploit kit targeting Apple iPhone devices. According to Google, the exploit kit was first discovered in targeted attacks conducted by a customer of an unnamed surveillance vendor. It was later used b...

7.8CVSS7.8AI score0.51517EPSS
Exploits3
Securelist
Securelist
•added 2024/06/03 10:0 a.m.•38 views

IT threat evolution Q1 2024

IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware platfo...

7.8CVSS6AI score0.51517EPSS
Exploits3
The Hacker News
The Hacker News
•added 2024/01/10 4:50 a.m.•80 views

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe, D-Link, Joomla Under Attack

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added six security flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This includes CVE-2023-27524 CVSS score: 8.9, a high-severity vulnerability impacting the Apache Superset...

9.8CVSS7.3AI score0.99984EPSS
Exploits65
The Hacker News
The Hacker News
•added 2023/12/28 11:19 a.m.•100 views

Most Sophisticated iPhone Hack Ever Exploited Apple's Hidden Hardware Feature

The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company. Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginnin...

8.8CVSS9.8AI score0.51517EPSS
Exploits5
Securelist
Securelist
•added 2023/10/26 10:30 a.m.•30 views

How to catch a wild triangle

In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform KUMA SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern in...

7.3AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/10/24 8:37 a.m.•96 views

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation

The TriangleDB implant used to target Apple iOS devices packs in at least four different modules to record microphone, extract iCloud Keychain, steal data from SQLite databases used by various apps, and estimate the victim's location. The new findings come from Kaspersky, which detailed the great...

8.8CVSS8.5AI score0.51517EPSS
Exploits3
Securelist
Securelist
•added 2023/10/23 11:0 a.m.•37 views

The outstanding stealth of Operation Triangulation

Introduction In our previous blogpost on Triangulation, we discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. We mentioned, among other things, that it is able to execute additional modules. We also mentioned that this...

7.4AI score
Exploits0
Securelist
Securelist
•added 2023/07/27 10:0 a.m.•92 views

APT trends report Q2 2023

For more than six years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published...

9.3CVSS7.6AI score0.99945EPSS
Exploits33
The Hacker News
The Hacker News
•added 2023/07/25 3:36 a.m.•65 views

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs

Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify...

8.8CVSS7.4AI score0.51517EPSS
Exploits3
The Hacker News
The Hacker News
•added 2023/06/24 3:30 p.m.•95 views

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439...

9.8CVSS7.8AI score0.98281EPSS
Exploits10
The Hacker News
The Hacker News
•added 2023/06/24 3:30 p.m.•6 views

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439...

9.8CVSS7.6AI score0.98281EPSS
Exploits10
The Hacker News
The Hacker News
•added 2023/06/22 6:56 a.m.•125 views

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation tha...

8.8CVSS9.2AI score0.51517EPSS
Exploits3
The Hacker News
The Hacker News
•added 2023/06/22 6:56 a.m.•6 views

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation tha...

8.8CVSS8.7AI score0.51517EPSS
Exploits3
The Hacker News
The Hacker News
•added 2023/06/21 1:30 p.m.•5 views

New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices

More details have emerged about the spyware implant that's delivered to iOS devices as part of a campaign called Operation Triangulation. Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a lifespan of 30 days, after which i...

6.6AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/06/21 1:30 p.m.•35 views

New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices

More details have emerged about the spyware implant that's delivered to iOS devices as part of a campaign called Operation Triangulation. Kaspersky, which discovered the operation after becoming one of the targets at the start of the year, said the malware has a lifespan of 30 days, after which i...

6.8AI score
Exploits0
Positive Technologies
Positive Technologies
•added 2023/06/21 12:0 a.m.•7 views

PT-2023-3221

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 9.5.2 watchOS versions prior to 8.8.1 macOS Big Sur versions prior to 11.7.8 macOS Monterey versions prior to 12.6.7 macOS Ventura versions prior to 13.4.1 iOS versions prior to 15.7.7 iOS versions prior to 16.5.1...

7.8CVSS7.8AI score0.51517EPSS
Exploits3References74
Securelist
Securelist
•added 2023/06/02 12:16 p.m.•19 views

In search of the Triangulation: triangle_check utility

In our initial blogpost about "Operation Triangulation", we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, we...

7AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/06/01 3:14 p.m.•38 views

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

A previously unknown advanced persistent threat APT is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root...

7.1AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/06/01 3:14 p.m.•7 views

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

A previously unknown advanced persistent threat APT is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. "The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with root...

6.9AI score
Exploits0
Rows per page
Query Builder