Lord of the Rant. Formerly turtle2472
Join Date: Mar 2005
Location: Upstate South Carolina
|
iOS Zero-day installing cross-site malicious packages. [ARS]
Quote:
Attacks targeting CVE-2021-1879, as the zero-day is tracked, redirected users to domains that installed malicious payloads on fully updated iPhones. The attacks coincided with a campaign by the same hackers who delivered malware to Windows users, the researchers said.
...
If the targeted device was an iPhone or iPad, a server used an exploit for CVE-2021-1879, which allowed hackers to deliver a universal cross-site scripting attack. Apple patched the zero-day in late March.
|
Can't even trust iOS. Good thing I'm hesitant to click random crap.
|