Long stream of zero-days exploited in the wildīesides today's zero-day, Apple had to deal with what looks like an unending stream of zero-day bugs used in attacks targeting iOS and macOS devices: Thanks to Apple for getting patch out so quickly.
We saw this used in conjunction with a N-day remote code execution targeting webkit. The complete list of impacted devices includes: 'Apple is aware of a report that this issue may have been actively exploited,' Apple said when describing the zero-day bug. Successful exploitation of this bug leads to arbitrary code execution with kernel privileges on compromised devices. The zero-day patched today (tracked as CVE-2021-30869) was found in the XNU operating system kernel and was reported by Erye Hernandez and Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero. Apple has released security updates to fix a zero-day vulnerability exploited in the wild by attackers to hack into iPhones and Macs running older iOS and macOS versions.
