Tag

Watering Hole

All articles tagged with #watering hole

technology21 days ago•4 min saved

iPhone spyware goes mainstream as criminals weaponize iOS flaws

Researchers warn iPhone spyware once used by governments is now in criminals’ hands, with two campaigns—Coruna and DarkSword—exploiting iOS vulnerabilities via watering hole attacks to exfiltrate data like messages and location; Apple has patched many flaws and issued updates, and Safari now blocks malicious domains, but users should stay updated and enable Lockdown Mode as tools become more accessible to a wider range of attackers.

via Axios|

#coruna #cybersecurity #iphone

security23 days ago•7 min saved

DarkSword: High-End iOS Exploit Kit Uses Zero-Days for Rapid Device Takeover

DarkSword is a JavaScript-based iOS exploit kit targeting iPhones on iOS 18.4–18.7 via watering-hole campaigns, chaining six vulnerabilities to achieve remote code execution, escaping the WebContent sandbox through the GPU into mediaplaybackd, escalating to kernel privileges, and then loading a data-collection module to exfiltrate a wide range of information (including emails, iCloud data, messages, wallet data, photos, contacts, and more) before cleaning up. Used by UNC6353 and linked groups such as UNC6748 and PARS Defense, the kit underscores a growing market for high-end iOS exploits and rapid, non-persistent data theft.

via The Hacker News|

#data-exfiltration #exploit-kit #ios