Pierluigi Paganini
January 23, 2023
Apple has backported the security updates for the zero-day vulnerability CVE-2022-42856 to older iPhones and iPads. On December 2022, Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The IT giant released security bulletins for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1. Apple addressed […]
Pierluigi Paganini
November 10, 2022
Apple released out-of-band patches for iOS and macOS to fix a couple of code execution vulnerabilities in the libxml2 library. Apple released out-of-band patches for iOS and macOS to address two code execution flaws, tracked as CVE-2022-40303 and CVE-2022-40304, in the libxml2 library for parsing XML documents. The two vulnerabilities were discovered by Google Project […]
Pierluigi Paganini
October 27, 2022
SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy is a now-patched vulnerability, tracked as CVE-2022-32946, in Apple’s iOS and macOS that could have potentially allowed any app with access to Bluetooth to eavesdrop on conversations with Siri and audio. “An app may be […]
Pierluigi Paganini
September 01, 2022
Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. The experts pointed out that most of the apps containing hard-coded Amazon Web Services […]
Pierluigi Paganini
January 03, 2022
Expert found a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. Security researchers Trevor Spiniolas discovered a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. HomeKit is a software framework by Apple, made available in iOS/iPadOS that lets users configure, communicate […]
Pierluigi Paganini
October 14, 2021
WhatsApp made available end-to-end encrypted chat backups on iOS and Android to prevent anyone from accessing user chats. WhatsApp is rolling out end-to-end encrypted chat backups on both iOS and Android devices, the move aims at implementing an optional layer of security to protect backups stored on Google Drive or iCloud cloud storage. Currently, WhatsApp […]
Pierluigi Paganini
October 13, 2021
Apple has silently addressed a zero-day vulnerability that could allow attackers to gain access to sensitive user data. Apple has silently addressed zero-day vulnerability with the release of iOS 15.0.2, the vulnerability could allow attackers gain access to sensitive user information. The flaw was reported to the IT giant by software developers Denis Tokarev seven […]
Pierluigi Paganini
June 04, 2021
Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS. Trend Micro researchers disclosed technical details of a patched privilege escalation vulnerability, tracked as CVE-2021-30724, that impacts macOS, iOS, and iPadOS. The flaw was reported to Apple by Trend Micro researcher Mickey Jin, and the […]
Pierluigi Paganini
March 09, 2021
Apple released out-of-band patches to address a remote code execution, tracked as CVE-2021-1844, that affect iOS, macOS, watchOS, and Safari web browser. Apple has released out-of-band security patches to address a critical iOS, macOS, watchOS, and Safari web browser to address a security flaw tracked as CVE-2021-1844. The vulnerability was discovered by Clément Lecigne of […]
Pierluigi Paganini
December 16, 2020
Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected devices and […]
Malware / September 05, 2025
