Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days fixed this year.
While Apple has yet to provide additional details regarding the flaws’ exploitation in the wild, Citizen Lab and Google Threat Analysis Group security researchers have often disclosed zero-day bugs abused in targeted spyware attacks targeting high-risk individuals, including journalists, opposition politicians, and dissidents.
Citizen Lab disclosed two other zero-days, also fixed by Apple in emergency security updates earlier this month and abused as part of a zero-click exploit chain to infect fully patched iPhones with NSO Group’s Pegasus commercial spyware.
Apple discloses 2 new zero-days exploited to attack iPhones, Macs.
Apple fixes new zero-day used in attacks against iPhones, Macs.
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks.