June 21, 2023 By Sergiu Gatlan
Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits.
"Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7," the company says when describing Kernel and WebKit vulnerabilities tracked as CVE-2023-32434 and CVE-2023-32435.
The two security flaws were found and reported by Kaspersky security researchers Georgy Kucherin, Leonid Bezvershenko, and Boris Larin.
