A previously unknown hardware feature in Apple’s iPhone System on a Chip (SoC) has been exploited in the advanced persistent threat (APT) “Operation Triangulation” campaign, according to Kaspersky’s Global Research and Analysis Team. The zero-click exploit, first spotted in 2019, is operated via the iMessage app, manipulating the JavaScriptCore library, and exploits vulnerabilities to circumvent iPhone security measures. This poses a risk to user privacy and security, targeting Russian diplomats and private firms, including Kaspersky.
Fake Google Meet conference errors push infostealing malware
A new ClickFix campaign is using fraudulent Google Meet conference pages to lure users, showing bogus connectivity error messages that deliver info-stealing malware for Windows