Two iOS zero-days used in limited mail attacks
Dennis Fisher writes:
Attackers have been exploiting a pair of dangerous vulnerabilities in the default mail app in Apple’s iOS software since at least January 2018 simply by sending specially formatted emails to target devices. The flaws are unpatched and have been present since iOS 6 was released in 2012.
The two vulnerabilities have been used in targeted attacks against a small subset of iOS users, mainly in Europe and Asia, but also in North America, according to researchers at ZecOps, a forensics and incident response firm that observed attacks against the bugs.
Read more on Decipher.