All news with #ios tag

Fri, December 5, 2025

Intellexa Predator Leaks Reveal Zero-Days and Ad Abuse

🔎 Amnesty International reports a Pakistani human rights lawyer received a WhatsApp link tied to a Predator 1-click attempt, the first known targeting of Balochistan civil society by Intellexa's spyware. Jointly published leaks and vendor analyses show Predator (also marketed as Helios, Nova and Green Arrow) used messaging, ad-based and ISP-assisted vectors plus multiple zero-day exploits to install surveillance payloads. Google Threat Intelligence Group mapped numerous V8, WebKit, Android kernel and other CVEs to the campaign and documented a modular iOS exploitation framework named JSKit and a post-exploitation payload called PREYHUNTER. The disclosures raise urgent questions about exploit sourcing, customer access to logs, and human rights due diligence.

Tue, November 25, 2025

CISA: Active Spyware Campaigns Target Messaging Apps

🔐 CISA warns that threat actors are actively using commercial spyware and remote-access trojans to target users of mobile messaging apps, combining technical exploits with tailored social engineering to gain unauthorized access. Recent campaigns include abuse of Signal's linked-device feature, Android spyware families ProSpy, ToSpy and ClayRat, a chained iOS/WhatsApp exploit (CVE-2025-43300, CVE-2025-55177) targeting a small number of users, and a Samsung flaw (CVE-2025-21042) used to deliver LANDFALL. CISA urges high-value individuals and organizations to adopt layered defenses: E2EE, FIDO phishing-resistant MFA instead of SMS, password managers, device updates, platform hardening (Lockdown Mode, iCloud Private Relay, app-permission audits, Google Play Protect), and to prefer modern hardware from vendors with strong security records.

Thu, November 6, 2025

AI-Powered Mach-O Analysis Reveals Undetected macOS Threats

🔎 VirusTotal ran VT Code Insight, an AI-based Mach-O analysis pipeline, against nearly 10,000 first-seen Apple binaries in a 24-hour stress test. By pruning binaries with Binary Ninja HLIL into a distilled representation that fits a large LLM context (Gemini), the system produces single-call, analyst-style summaries from raw files with no metadata. Code Insight flagged 164 samples as malicious versus 67 by traditional AV, surfacing zero-detection macOS and iOS threats while also reducing false positives.

Tue, September 16, 2025

Apple Backports Zero-Day Fixes to Older iPhones and iPads

🔒 Apple has released security updates that backport a patch for CVE-2025-43300 to older iPhone, iPad and iPod touch builds. The flaw is an out-of-bounds write in the Image I/O framework that can cause memory corruption, crashes, or enable remote code execution when a device processes a malicious image file. Apple said the issue was exploited in an extremely sophisticated targeted attack and has added improved bounds checking; affected users should install the updates promptly.
