The Register: Apple patches ‘actively exploited’ iPhone zero-day with iOS 15.0.2 update

The Register: Apple patches ‘actively exploited’ iPhone zero-day with iOS 15.0.2 update. “Described as a ‘memory corruption issue’ by Apple, the vuln is present within the IOMobileFrameBuffer kernel extension, used for managing display memory. Malicious applications are said to be capable of triggering an integer overflow in the framebuffer, permitting execution of arbitrary code with kernel privileges.”

MIT Technology Review: 2021 has broken the record for zero-day hacking attacks

MIT Technology Review: 2021 has broken the record for zero-day hacking attacks. “A zero-day exploit—a way to launch a cyberattack via a previously unknown vulnerability—is just about the most valuable thing a hacker can possess. These exploits can carry price tags north of $1 million on the open market. And this year, cybersecurity defenders have caught the highest number ever, according to multiple databases, researchers, and cybersecurity companies who spoke to MIT Technology Review.”

Tom’s Guide: Update Google Chrome now to fix this dangerous zero-day flaw

Tom’s Guide: Update Google Chrome now to fix this dangerous zero-day flaw . “Few details are yet available about the zero-day flaw. Google’s Chrome blog post yesterday (July 15) notes that it involves ‘type confusion in V8,’ the JavaScript rendering engine used by Chrome, and that ‘Google is aware of reports that an exploit for CVE-2021-30563 [the flaw’s catalogue number] exists in the wild.’”

BetaNews: Update Chrome for Windows, Mac and Linux to protect against a dangerous zero-day vulnerability

BetaNews: Update Chrome for Windows, Mac and Linux to protect against a dangerous zero-day vulnerability. “A serious security vulnerability has been discovered in Chrome, forcing Google to push out an emergency update to the browser. Affecting the Windows, Mac and Linux versions of Chrome, the high severity vulnerability is being tracked as CVE-2021-21148.”