Apple has released security updates to address two zero-day vulnerabilities used in active cyberattacks targeting Mac users. The bugs, identified by Google’s Threat Analysis Group, were exploited before being reported, suggesting a government-backed attack.
The updated software fixes issues with WebKit and JavaScriptCore, the web engines powering Safari and running web content. These vulnerabilities can be exploited through maliciously crafted websites or emails, allowing hackers to plant malware on infected devices.
No information is available on who is behind the attacks or how many users have been targeted. Apple’s security advisory recommends updating all supported devices immediately, including iPhones, iPads, and Macs with older iOS 17 software.
Users are advised to prioritize their device security as soon as possible, but Apple has declined to comment further on the situation.
Source: https://techcrunch.com/2024/11/19/apple-says-mac-users-targeted-in-zero-day-cyberattacks