Vulnerabilities Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. Ionut ArghireApril 8, 2024
IoT Security $200,000 Awarded at Pwn2Own 2024 for Tesla Hack Participants earned a total of $732,500 on the first day of Pwn2Own Vancouver 2024 for hacking a Tesla, operating systems, and other software. Eduard KovacsMarch 21, 2024
Mobile & Wireless Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. Ionut ArghireDecember 28, 2023
Malware & Threats Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected Kaspersky analyzes the stealth techniques that were used in the ‘Operation Triangulation’ iOS zero-click attacks. Ionut ArghireOctober 24, 2023
Malware & Threats Mirai Variant IZ1H9 Adds 13 Exploits to Arsenal A Mirai botnet variant tracked as IZ1H9 has updated its arsenal with 13 exploits targeting various routers, IP cameras, and other IoT devices. Ionut ArghireOctober 10, 2023
Mobile & Wireless Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains. Ionut ArghireSeptember 28, 2023
Mobile & Wireless Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks. Eduard KovacsSeptember 25, 2023
Vulnerabilities Over 20,000 Citrix Appliances Vulnerable to New Exploit Over 20,000 appliances are vulnerable to a new exploit technique targeting a recent Citrix ADC zero-day vulnerability CVE-2023-3519. Ionut ArghireJuly 24, 2023
ICS/OT APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure Two Rockwell Automation product vulnerabilities have been used for a new exploit by an APT group that could use it to target critical infrastructure. Eduard KovacsJuly 13, 2023
Vulnerabilities PoC Exploit Published for Cisco AnyConnect Secure Vulnerability A security researcher has published proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2023-20178) in Cisco AnyConnect Secure. Ionut ArghireJune 22, 2023
Cyberwarfare Russia Blames US Intelligence for iOS Zero-Click Attacks Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia's FSB said iPhones have been targeted by US... Eduard KovacsJune 1, 2023
Vulnerabilities Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days The newest iOS 16.4.1 and iPadOS 16.4.1 patches a pair of code execution flaws that have already been exploited in the wild. Ryan NaraineApril 7, 2023