Researchers found a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.
Researchers have identified what they are calling an Early Bird code injection technique used by the Iranian group APT33 to burrow the TurnedUp malware inside infected systems while evading anti-malware tools.
A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware.