Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day
Another month, another patch for in-the-wild iPhone malware (and a whole lot more).
A 0-Day is a software vulnerability without an available fix, creating risk because defenders have limited time to mitigate exploitation.
Search across headline titles and summaries.
Background for this topic.
0-Day describes a software vulnerability unknown to the software maker or unpatched when first exploited. Attackers can use these flaws immediately, as no official fix or signature exists to block the exploit. Such vulnerabilities often affect widely deployed software or hardware, making them valuable for targeted attacks or widespread campaigns.
Because defenders lack patches or reliable detection signatures initially, they must rely on anomaly detection, network monitoring, and threat intelligence to identify suspicious activity linked to 0-day exploits. Rapid patching once a fix is released is critical to reduce exposure. Tracking emerging 0-day threats helps prioritize defensive measures and informs risk management decisions in environments where unpatched vulnerabilities pose significant security risks.
Weekly headline count for the current query.
Another month, another patch for in-the-wild iPhone malware (and a whole lot more).
Zimbra didn't actually say, "Do not delay/Do it today," but they did say, "We kindly request your cooperation to apply the fix manually."
Previously, we said "do it today", but now we're forced back on: "Do not delay; do it as soon as Apple and your device will let you."
Don't delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.
Apple didn't use the words "Triangulation Trojan", but you probably will.
Chrome 0-day patched now, Edge patch coming soon.
Little Bobby Tables is back!
When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car...
Wouldn't it be handy if there were a single version number to check for in every Chromium-based browser, on every supported platform?
Is Secure Boot without the Secure just "Boot"?
That double-whammy Apple browser-to-kernel spyware bug combo we wrote up last week? Turns out it applies to all supported Macs and iDevices - patch now!
A bug to hack your browser, then a bug to pwn the kernel... reported from the wild by Amnesty International.
Got an older iPhone that can't run iOS 16? You've got a zero-day to deal with! That super-cool Studio Display monitor needs patching, too.
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.
Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in plain English... just like old times, with Duck and Chet!
In the game of cricket, 111 is an unauspicious number, but for Firefox, there doesn't seem to be much to worry about this month.
Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!
Don't delay, especially if you're still running an iOS 12 device... please do it today!
Get 'em while they're hot. And get 'em for the very last time, if you've still have Windows 7 or 8.1...
It happens to the best of us: Microsoft highlights a security bypass bug on Macs that is curiously similar to a recent Windows 0-day.