Apple rushes fixes for exploited zero-days in iPhones and Macs (CVE-2023-28205, CVE-2023-28206)

Apple has pushed out security updates that fix two actively exploited zero-day vulnerabilities (CVE-2023-28205, CVE-2023-28206) in macOS, iOS and iPadOS. Reported by researchers Clément Lecigne of Google’s Threat Analysis Group (TAG) and Donncha Ó Cearbhaill, the head of Amnesty International’s Security Lab, the vulnerabilities have been exploited in tandem to achieve full device compromise – with the likely (though not confirmed) goal to install spyware on target devices. About the vulnerabilities CVE-2023-28205 is a use … More →

The post …

0 day actively exploited amnesty amnesty international analysis apple cisa compromise cve cve-2023-28205 cve-2023-28206 device devices don't miss exploit exploited fix fixes google head hot stuff install international ios ipad ipados iphones lab macos macs researchers security security update security updates spyware tag tandem target threat threat analysis threat analysis group updates vulnerabilities zero-day zero-days zero-day vulnerabilities