The outstanding stealth of Operation Triangulation - #CVE-2023-37450
In July 2023, Apple patched multiple zero-day vulnerabilities in the WebKit, kernel, and Find My components of its operating systems. These flaws were actively exploited by attackers to target iOS, iPadOS and macOS devices. The WebKit vulnerability allowed remote code execution via malicious web pages, while the kernel vulnerability allowed apps to modify sensitive kernel state, enabling attackers to gain control of devices. The Find My vulnerability leaked location data to unauthorized apps. Apple addressed these critical vulnerabilities in security updates for iOS, iPadOS, macOS, watchOS, tvOS and Safari, urging users to install the patches immediately to protect against sophisticated cyber attacks.