
Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities (CVE-2023-41992, CVE-2023-41991, CVE-2023-41993) exploited …

Email forwarding flaws enable attackers to impersonate high-profile domains
Sending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by …

Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of …

Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)
Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by …

Apple previews Lockdown Mode to protect users from targeted spyware
In this Help Net Security video, you’ll learn more about Lockdown Mode, a security capability from Apple that offers specialized additional protection to users who may …

FluBot takedown: Law enforcement takes control of Android spyware’s infrastructure
An international law enforcement operation involving 11 countries has disrupted the spreading of the FluBot Android malware, which spreads via SMS and MMS and steals sensitive …

The six most common threats against the device that knows you best
What is the most intimate relationship in your life—aside from your partner, your children or your parents? For many of us, it’s our mobile phone. It’s the last thing we see …

How to protect the corporate network from spyware
It used to be easy for network administrators to identify where corporate boundaries are; they were usually where the external and internal networks meet. That made it easy …

iOS app developers targeted with trojanized Xcode project
“We recently became aware of a trojanized Xcode project in the wild targeting iOS developers thanks to a tip from an anonymous researcher. The malicious project is a …

A look at the top threats inside malicious emails
Web-phishing targeting various online services almost doubled during the COVID-19 pandemic: it accounted for 46 percent of the total number of fake web pages, Group-IB …

App on Google Play exploited Android bug to deliver spyware
Google has pulled three malicious apps from Google Play, one of which exploits a recently patched kernel privilege escalation bug in Android (CVE-2019-2215) to install the app …

WhatsApp flaw used to install spyware by simply calling the target
A security vulnerability in the popular Facebook-owned end-to-end encrypted messaging app WhatsApp allowed attackers to install spyware on smartphones without any user …
Featured news
Sponsored
Don't miss
- Sumo Logic discloses potential breach via compromised AWS credential
- Marina Bay Sands breach exposed data of 665,000 customers
- The 3 key stages of ransomware attacks and useful indicators of compromise
- Aqua Trivy open-source security scanner now finds Kubernetes security risks
- AI-assisted coding and its impact on developers