8 matches found
Hacking Safari with GPT 5.4
When Anthropic unveiled Mythos and Project Glasswing, the reaction was immediate and polarized. Some dismissed it as fear-driven marketing, while others treated it as a credible shift in the threat landscape. Like with many things, the truth is probably somewhere in the middle. I wanted to test...
Exploit for Use After Free in Apple Safari
CVE-2025-43529 Root Cause Analysis for CVE-2025-43529, a UAF...
A week in security (October 23 – October 29)
Last week on Malwarebytes Labs: Malvertising via Dynamic Search Ads delivers malware bonanza Octo Tempest cybercriminal group is "a growing concern"—Microsoft Update now! Apple patches a raft of vulnerabilities Patch…later? Safari iLeakage bug not fixed Update vCenter Server now! VMWare fixes...
SUSE CVE-2010-1786
Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service application crash via a foreignObject elemen...
Pervasive Apple Safari Bug Exposes Web-Browsing Data, Google IDs
A security vulnerability in Apple’s browsers for macOS, iOS and iPadOS can lead to information disclosure, researchers have warned. Apple has just marked the issue as “resolved,” but it will take some time for the fixes to roll out, they said, so users should implement mitigations. According to...
VulnCheck KEV: CVE-2019-8771
This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy...
Mobile Devices Drawing More Attackers' Attention
As mobile devices such as iPhones, BlackBerrys, Android phones and others have become more sophisticated and easy to use, many users have made them their main computing and Web-browsing devices. And that evolution naturally has caught the attention of attackers who have begun tailoring more and...
New Safari Bug Being Used to Jailbreak iPhones
A Web site set up to help iPhone users jailbreak their devices is using a flaw in the way that the iPhone handles PDF files to escape the phone’s sandbox security function and enable users to load applications that aren’t in Apple’s official App Store. The same flaw could easily be used to instal...