Apple has released patches for three zero-day vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) exploited in the wild. The first two have been reported by Kaspersky researchers Georgy Kucherin, Leonid Bezvershenko and Boris Larin following their discovery of the iOS spyware implant they dubbed TriangleDB, and the third one by an anonymous researcher. The vulnerabilities (CVE-2023-32434, CVE-2023-32435, CVE-2023-32439) CVE-2023-32439 is a type confusion issue in the WebKit browser engine that could be triggered by the vulnerable device processing … More
The post Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435) appeared first on Help Net Security.