Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance.
The post ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors appeared first on SecurityWeek.
174 Vulnerabilities Targeted by RondoDox Botnet
The botnet has increased its activity, peaking at 15,000 exploitation attempts per day, and taking a more targeted approach.
The post 174 Vulnerabilities Targeted by RondoDox Botnet appeared first on SecurityWeek.
Apple Updates Legacy iOS Versions to Patch Coruna Exploits
The company has released iOS and iPadOS versions 16.7.15 and 15.8.7 to patch the vulnerabilities.
The post Apple Updates Legacy iOS Versions to Patch Coruna Exploits appeared first on SecurityWeek.
Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks
Google and iVerify analysis reveals a powerful exploit kit originally used by Russian state actors that is now appearing in broader criminal campaigns.
The post Nation-State iOS Exploit Kit ‘Coruna’ Found Powering Global Attacks appeared first on SecurityWeek.
Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia
Peter Williams was sentenced to 87 months in prison for selling cyber exploits to a Russian broker.
The post Ex-US Defense Contractor Executive Jailed for Selling Exploits to Russia appeared first on SecurityWeek.
China Revives Tianfu Cup Hacking Contest Under Increased Secrecy
Rewards for exploits are reportedly much smaller than in the contest’s glory days.
The post China Revives Tianfu Cup Hacking Contest Under Increased Secrecy appeared first on SecurityWeek.
Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure
Fresh attacks targeted three VMware ESXi vulnerabilities that were disclosed in March 2025 as zero-days.
The post Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure appeared first on SecurityWeek.
$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits
Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.
The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek.
Former US Defense Contractor Executive Admits to Selling Exploits to Russia
Peter Williams stole trade secrets from his US employer and sold them to a Russian cybersecurity tools broker.
The post Former US Defense Contractor Executive Admits to Selling Exploits to Russia appeared first on SecurityWeek.
$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal
WhatsApp told SecurityWeek that the two low-impact vulnerabilities cannot be used for arbitrary code execution.
The post $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal appeared first on SecurityWeek.
